Brave-browser: Duo 2FA does not work with Brave Version 1.0.1 Chromium: 78.0.3904.108 (Official Build) (64-bit) on Windows 10

Created on 25 Nov 2019  路  5Comments  路  Source: brave/brave-browser

Description

Brave does not allow Duo authentication for sites using Azure AD login integration and Duo 2FA

Steps to Reproduce

  1. Attempt to log in to Office 365, Sharepoint, or other sites using Azure AD login with Duo authentication
  2. Receive an Oops! error from Duo security that cannot provide the Duo authentication screen (offering push or SMS) at https://us.azureauth.duosecurity.com/authorization
  3. Disable Shields for both microsoft.com and Duo.com, issue still occurs.

Actual result:

Error
duo-error

Correct behavior
properauth

Expected result:

Expected result (experienced on MS Edge) is a screen that shows Duo options to send a push, or an SMS. A push is sent to the user's Duo-configured mobile device and when acknowledged, the user is directed to the proper site, having authenticated.

Reproduces how often:

Happens every time.

Brave version (brave://version info)

78.0.3904.108

  • Can you reproduce this issue with the current release? Yes

Other Additional Information:

  • Does the issue resolve itself when disabling Brave Shields? No
  • Does the issue resolve itself when disabling Brave Rewards? Not enabled
  • Is the issue reproducible on the latest version of Chrome? Appears to be
featurshieldwebcompat workarounshields-down
Source
picture JediPirateNinja

All 5 comments

Update: This actually does work if Shields are disabled for associated Microsoft and Duo websites.

JediPirateNinja picture JediPirateNinja on 27 Nov 2019
👍1

@JediPirateNinja is this still an issue? If so, which shield setting is causing the issue? Does it work if we Allow all cookies

ryanbr picture ryanbr on 7 Mar 2020

@JediPirateNinja is this still an issue? If so, which shield setting is causing the issue? Does it work if we Allow all cookies

@ryanbr I can confirm that this happens on version 80.0.3987.132 in our organization. As mentioned, disabling shields on:

https://login.microsoftonline.com/federation/redirecttoexternalprovider
and:
https://us.azureauth.duosecurity.com/authorization

solved the problem for me. Note that just disabling on the us.azureauth.duosecurity.com did not resolve the problem, I had to go back and disable it on the redirect site (it's essentially two redirects after typing in your credentials).

iamkilo picture iamkilo on 11 Mar 2020
👍1

Can confirm this is an issue I am personally seeing. I had to manually visit those two sites, disabling shields, to be able to login.

OSX Version 1.8.95 Chromium: 81.0.4044.138 (Official Build) (64-bit)

usscarter picture usscarter on 8 May 2020
👍1

this is still an issue with Version 1.10.97 Chromium: 83.0.4103.116 (Official Build) (64-bit)

i have tried manually visiting both sites and whitelisting them but i still get the Oops prompt

izenn picture izenn on 7 Jul 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

simonhong picture simonhong  路  3Comments
bbondy picture bbondy  路  3Comments
bbondy picture bbondy  路  3Comments
hollons picture hollons  路  3Comments
fmarier picture fmarier  路  3Comments