Are you getting an unexpected DUO mutli-factor authentication request when logging in to multipass enabled services?
SOLUTION
ITS has found script blockers in Browsers make it look like the user is being challenged by DUO even if they are not enrolled.
Questions to Consider
- Which site did you see this happen?
One issue where we've seen this is where people are running script-blocker plugins through their browser.
- What is a script-blocker?
A script-blocker is a browser add-on or extension that prevents unauthorized web sites from running JavaScript, Java, Flash, or other plug-ins to keep your browsing sessions safe.
- What are examples of script-blockers?
Examples include ScriptSafe for Chrome or NoScript for Firefox. If this is happening, then please allow the duosecurity.com address - it should be 'api-67a3278b.duosecurity.com'. This is needed because the MFA login process needs to check whether or not an individual is Duo-enrolled. If the user is not enrolled in DUO, it would merely see that you are NOT Duo-enrolled and then allow you to progress through to the end of login.