WebAIM - Web Accessibility In Mind

E-mail List Archives

Re: Duo 2-factor authentication and DNS browser extensioninteraction

for

From: Thompson, Rachel
Date: Oct 26, 2017 2:58PM

Hi, Martina.

Our IT folks who manage Duo were able to install and run the Dragon browser add-in with Duo. They also said they recently had to update some Duo javascript, so if your institution is not yet using the latest duo javascript that might be one solution.

Hope this helps,
Rachel


Dr. Rachel S. Thompson 
Director, Emerging Technology and Accessibility 
The Office of Information Technology
The University of Alabama
A207 Gordon Palmer Hall
Box 870248 
Tuscaloosa, AL 35487 
Phone 205-348-0216
<EMAIL REMOVED> | http://accessibility.ua.edu


-----Original Message-----
From: WebAIM-Forum [mailto: <EMAIL REMOVED> ] On Behalf Of Martina Svyantek
Sent: Thursday, October 26, 2017 2:26 PM
To: <EMAIL REMOVED>
Subject: [WebAIM] Duo 2-factor authentication and DNS browser extension interaction

Good afternoon.

I've recently come across an issue with the Dragon Naturally Speaking browser extension (such as for Chrome) "breaking" the Duo 2-factor authentication process used to sign in to different resources.

We've been able to replicate this using Windows 7, 8, and 10. This occurs with both Dragon Naturally Speaking 13 and 12.5; the browser extension doesn't need to even be working correctly with DNS, just enabled on the browser itself. Dragon's extension/add-in in Chrome/Firefox/IE appears to somehow interfere with 2-factor authentication. If you disable these add-ins, you can get past the 2-factor authentication, but then the software is turned off. This is the error message when running through Duo with the DNS extension enabled:

Oops!

You did something we can't handle. Common causes:

* Using the back button. That's just not supported, sorry.
* Bookmarking this site. Please bookmark the service you're trying to get to instead.
* You lingered too long here without clicking anything and your session expired.

Click the button below to go back to the application that sent you here.



The only "solution" that I have encountered is to disable the browser extension. This is even the "official" reply from Duo ( https://help.duo.com/s/article/3342?language=en_US). I have yet to find anything from Nuance that recognizes this issue.

Has anyone else encountered this issue, and do you have any other suggestions on how it could be addressed without having to disable the browser extension?

Thanks in advance,
--
*Martina Svyantek*