WebAIM - Web Accessibility In Mind

E-mail List Archives

Duo 2-factor authentication and DNS browser extension interaction


From: Martina Svyantek
Date: Oct 26, 2017 1:25PM

Good afternoon.

I've recently come across an issue with the Dragon Naturally Speaking
browser extension (such as for Chrome) "breaking" the Duo 2-factor
authentication process used to sign in to different resources.

We've been able to replicate this using Windows 7, 8, and 10. This occurs
with both Dragon Naturally Speaking 13 and 12.5; the browser extension
doesn't need to even be working correctly with DNS, just enabled on the
browser itself. Dragon's extension/add-in in Chrome/Firefox/IE appears to
somehow interfere with 2-factor authentication. If you disable these
add-ins, you can get past the 2-factor authentication, but then the
software is turned off. This is the error message when running through Duo
with the DNS extension enabled:


You did something we can't handle. Common causes:

* Using the back button. That's just not supported, sorry.
* Bookmarking this site. Please bookmark the service you're trying to get
to instead.
* You lingered too long here without clicking anything and your session

Click the button below to go back to the application that sent you here.

The only "solution" that I have encountered is to disable the browser
extension. This is even the "official" reply from Duo (
https://help.duo.com/s/article/3342?language=en_US). I have yet to find
anything from Nuance that recognizes this issue.

Has anyone else encountered this issue, and do you have any other
suggestions on how it could be addressed without having to disable the
browser extension?

Thanks in advance,
*Martina Svyantek*