Getting message "Requires Chrome, Firefox, Safari, or Edge to use Security Keys

I’m not sure if this is the best place for this, but hopefully it’s close enough.

I’m setting up a new user’s computer. It’s a freshly imaged, Win 10 system running 20H2.

When trying to load Outlook, or Teams, or Adobe Creative Cloud, possibly others, when the Duo Security screen comes up I need to switch from Token to Security key but when I do, I’m given a message indicating I need to upgrade. When trying to log in to Teams or Creative Cloud, I get the message shown in the subject. When logging in to Outlook, it simply tells me to use the newest version of Edge.

At one point I figured it must be trying to use the old MSIE11 installation so I went in and removed MSIE11 but the problem is still ongoing. I’ve even wiped out and recreated the local user profile. I’m at a loss.

And unfortunately, I don’t have access to anything else for the user so I need to use the security to get them logged in.

Any ideas on how to fix this would be great. Thank you.

Hi @Durghan ,

This is likely caused by the user-agent string being reported by the client (Outlook, Teams) via an embedded web browser. Thick applications that support embedded web browsers can use/send any kind of user-agent they wish and does not have to be directly correlated to the default browser of the workstation. Depending on the edition of Duo your org has, you can see the browser version being reported in the Auth Log (if not, our Support team can help troubleshoot).

Security Keys are only compatible with Duo if using one of the following web browsers (to include Edge Chromium): Knowledge Base | Duo Security. I have personally seen that certain versions of M365 or Teams will use a custom (Legacy) EdgeHTML version.

Logging into the respective web-based version of these applications may be the better route when authenticating via Security Keys (WebAuthn).

Article: Why do Security Keys and Touch ID only work in certain browsers?

Hope this helps!

1 Like