I registered a Yubikey and an Andriod APP to use DUO.
Starting yesterday, I noticed that before, DUO would pop a windows window to ask me to insert and tap my security key and also send a push to my app.
but now it would only send push to my app and if I want to use my Yubikey, I would need to manually cancel current app push and select my yubikey, click “use security key” to open another chrome window and then windows would pop up a window to ask me to use my security key.
this is becoming really tedious and annoying for me, wondering why you would change this feature.
it’s obviously more convenient to automatically promopt mulitple devices instead of only push on one devide and have to manually select others.
This is because we recently switched security keys to WebAuthn from U2F due to Google ending support for U2F in Chrome in this coming February. Read more details about the change in the Duo Knowledge Base.
What application are logging into when you encounter Duo 2FA? Some Duo applications have a way for you to set the default so you do not need to cancel the push before using your security key.
Thank you so much for your fast and detailed response, I read about this a few month ago and completely forgot this.
I use DUO for my university’s web authentication. I tried to set my security key as default and i still need to click “Use Security Key” button.
Hope in the future, it’s possible to automatically prompt to begin security key login with the the new WebAuthn auth method.
The new Universal Prompt is able to automatically start security key authentication without an explicit click to begin in most browsers.
This is something your university IT would need to enable, and it’s not yet available for every Duo application. Hopefully though your school evaluates it when it does become an option for them, as this is one of many usability improvements.