Duo Issues?
Posted by tldr_MakeStuffUp@reddit | sysadmin | View on Reddit | 10 comments
Anyone having trouble with Duo this morning? Get invalid credentials when signing into the admin portal, account isn't recognized as an admin user when I try resetting the password, all my SSO integrations are down. Same symptoms across my org. Our renewals don't hit until January and haven't gotten any notices from billing so I don't think it's related to licensing. Just reached out to support and am waiting for a reply.
MNmetalhead@reddit
The main issue I’ve had with Duo lately is the wrong location showing when I get a push notification.
My security team says that the IP info they’re seeing is okay, so there isn’t any bad actor doing anything and is most likely a geolocation database that is outdated which Duo references. Nice to know there’s nothing nefarious going on, bug it still bugs me.
ballzsweat@reddit
Good to know about these issues as I’m implementing right now. Aside from this issue Have you configured any fail safe options like bypass code in case of connectivity issues?
tldr_MakeStuffUp@reddit (OP)
Bypass codes are easy to configure on a per need basis, with options for time expiration, number of uses, etc.
In case of connectivity issues, one of the default authentication options is Duo Passcode, which is a rotating authenticator code you get off the Duo App on your device (which works regardless of network connectivity, much like any other authenticator app/token).
If you use it to secure endpoints, there's a failopen option that lets you through if Duo cannot be reached instead of blocking out your access. There's also an option to enable it for Remote access but not while logging in directly on the endpoint.
Overall, I've been fairly happy with Duo. We've been a client for 8+ years now. Today's issue prevented me from signing into the Administrator portal entirely (as if my account didn't exist) which would entirely block your ability to manage any of your users or applications. This has never happened to me before, and was entirely on their end, but I do not see any way around it other than waiting for Duo to address.
ballzsweat@reddit
Thank you!
bageloid@reddit
https://status.duo.com/
tldr_MakeStuffUp@reddit (OP)
Issues seem to have been resolved 5 minutes after the status went out, looks good on my end now.
timmyk0@reddit
It's working for me, their status page showed nothing earlier but now shows an issue with admin panel logins.
https://status.duo.com/
tldr_MakeStuffUp@reddit (OP)
I looked into it for about 25 minutes before posting anything here. Sounds like only some tenants were affected. We're back now, just got into the admin portal through SSO fine.
iratesysadmin@reddit
Just tested here and was able to make a fresh auth into a SSO'd application (AD synced to Duo, using Duo SSO as IDP and MFA) without issue.
haggis42@reddit
Same over here