Updating the Universal Prompt: Collaboration, Simplification and Democratizing Security

This article has been indexed from The Duo Blog.

Aaron McConnell, an Engineering Technical Lead at Duo, is driven by our mission to make security more accessible for everyone. The Duo Universal Prompt aims to do that by making multi-factor authentication as easy for users as it is effective. Every Duo team has been part of this innovative initiative meant to modernize technology and ensure more users can customize Duo to their needs. Aaron spoke about the technical side of this enterprise and how collaboration, proactive problem solving, and Duo’s culture contributed to this upgrade.

Duo Universal Prompt then and now

Question: What was the state of the Universal Prompt before the recent update? What problems did you want to solve, or what customer feedback did you want to address?

Aaron McConnell: These conversations began years ago. We had a number of problems that we wanted to solve, and some customer problems as well. The old style of prompt didn’t work for a lot of customers because it was in an iframe. It’s a kind of technology where you embed pieces of a web application inside a different web application, and that’s an area rife with security problems. A lot of internet browsers are getting restrictive about what you can do with it.

Customers also found the prompt more burdensome than we wanted. They wanted to customize it in various ways, in terms of visuals or language, that it wasn’t well-suited to do.

At Duo, we also wanted to improve the security and use the most up-to-date protocols and procedures. There were also new mechanisms that were becoming popular, like OpenID Connect (OIDC). We wanted to support these modern and standardized processes in our application because we had our own custom homegrown protocol that didn’t interact with anything else well. There were also concerns about vulnerabilities if customers didn’t keep their secret keys as secure as we wanted them to.

For all those reasons, we wanted to do a technical refresh of the

[…]