It would be nice if the Duo passcode verification (using a USB security key) would accept a key which is case-insensitive. I find on multiple occasions that if I have the Caps Lock key set and when interacting with a Yubikey device, it generates an invalid key string since the generate key has an inverse casing.
That’s interesting! My Yubikey (a 4c Nano) doesn’t appear to change the case of the generated OTP code when I have caps lock on. I don’t doubt it has happened though, because I see we have a KB article for it.
What model Yubikey do you have? With which Duo applications do you experience this? I tried the browser-based Duo Prompt, and logging into the Admin Panel, both from Chrome on a Mac.
@DuoKristina, the key itself does not have any specific model number listed on it (just a serial number), but the following USB device information can be queried (if that helps):
idVendor : 0x1050 (Yubico AB) idProduct : 0x0401 bcdDevice : 0x0433 iManufacturer : 0x01 (String Descriptor 1) Language 0x0409 : "Yubico" iProduct : 0x02 (String Descriptor 2) Language 0x0409 : "Yubikey 4 OTP"
I currently use this with a corporate authentication process using a web browser (Chrome), where an iframe is used to connect to what it appears to be a duosecurity.com API endpoint:
That endpoint looks like you’re using our Pulse Secure/Juniper VPN integration. I gave that a try (from Chrome) and it’s not entering the OTP in caps when I have caps lock on (I tried both from my USB keyboard and from my Mac Book keyboard with everything other than the Yubikey disconnected).
Maybe that is something configurable on the Yubikey?
Anyway, make sure to contact your Duo account exec or Duo Care customer success manager to share your feature request for case insensitivity on Yubikey OTP input. If you don’t have either of those, Duo Support can also create the feature request for you.