When will Duo move away from Flash?

iloving · ‎07-10-2020

So I notice that Duo continues to rely on Flash for it’s 2fa interface.

Considering that Flash has been deprecated for years and is going to be outright dead by the end of this one, why is Duo still using flash and when do they plan on moving away from it?

Amy2 · ‎07-13-2020

Hi @iloving, what makes you say that Duo relies on Flash? Do you see a particular error message somewhere? While the Duo Prompt does not rely on Flash to run, it may appear as though it does due to passive detection of the use of Flash. If an organization has a policy in place with Flash-based restriction, for example, then you might see a popup reminder that your Flash version is out of date. Similarly, some plugins for Duo-protected applications may use Flash. It would help to know which application(s) you are using with Duo, then we may be able to comment further.

iloving · ‎07-14-2020

Yes, when I use a new browser and connect to one of our duo-protected services, it brings up some warning (I can’t remember the exact wording) about Flash.

If it’s a false alarm then great, but it would be nice if that didn’t happen as it causes undue alarm.

mkorovesisduo · ‎07-15-2020

Hey iloving, as Amy indicated in her response, it sounds like you are seeing that warning due to a Plugin Policy that a Duo administrator at your organization has put into place. If this is indeed the type of message you’re seeing, it is not a “false alarm” in the sense that the policy accurately warns (and blocks, if configured to do so) users who are using out-of-date versions of Flash.