New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
duosecurity.com - Correct UA required to log in with security keys #104558
Comments
Thanks for the report, unfortunately, I don't have an account that uses duo 2FA with a security key device set up. @ksy36, @denschub do you happen to have something like this? @freaktechnik does the login work on Firefox? [qa_20/2022] |
As per the initial issue text, this is about Thunderbird. I'm using a U2F key with Auth0 regularly in Firefox, and that works fine. But I have not added the Mozilla account to Thunderbird, so I didn't run into this issue. Unfortunately, I'm not entirely sure what to do here. We (as in WebCompat) can't spoof the UA string inside Thunderbird. Thunderbird could add a "Firefox" segment into the UA for embedded Websites like a 2fa prompt, but we could also try to reach out to Duo to ask them to consider supporting Thunderbird. I'll poke around to see if we have contacts. |
@freaktechnik can you still reproduce the issue? [inv_38/2022] |
Yes. |
This is resolved in the new Duo login flow. |
Thanks for confirming! |
URL:
https://*.duosecurity.com/frame/prompt?<snip>
Browser/Version: Thunderbird
Operating System: Linux
What seems to be the trouble?(Required)
Steps to Reproduce
Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Thunderbird/101.0
, I used the responsive device mode in the Firefox devtools to set it)Expected Behavior:
Can log in using security keys if the browser supports it (has the relevant JS APIs required)
Actual Behavior:
Does not allow usage of a security key, even if the browser would support it.
Screenshot
The text was updated successfully, but these errors were encountered: