Potential Login Error when DUO 2FA not Support TLS 1.0 & 1.1 from 30 Jun
Effective from 30 Jun 2023 (Fri), our 2-factor authentication solution (Duo 2FA) will no longer support Transport Layer Security (TLS) versions 1.0 or 1.1* for any Duo product or service. (Ref: Duo official announcement)
Any Impact on You?
Up-to-date endpoints will by default support the newer TLS version like TLS 1.2, so that there will be no impacts on most users. However, legacy endpoints e.g. outdated internet browser version or manually configured endpoints might not be the case.
If your endpoints use TLS 1.0 or 1.1 by default, you might experience an error or no response for Duo 2FA while logging into the University 2FA-protected systems.
Check out our guides at ITSC website (https://www.itsc.cuhk.edu.hk/all-it/information-security/two-factor-authentication-2fa/duo-will-no-longer-support-tls-v1-0-or-1-1/) to avoid it!
*With TLS 1.0 or 1.1 deprecated by IETF in 2021, more and more products in the market no longer support such insecure protocol and set TLS 1.2 as their baseline.
back to issue
|