Hello everyone! Here are the release notes for our most recent updates to Duo.
Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below.
Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.
New features, enhancements, and other improvements
Duo Device Health application is now Duo Desktop
- Policy settings, endpoint information, user interfaces, and logging will reflect the new name.
- Relocated the option to Require Duo Desktop from the Device health checks section to a separate section of Duo Desktop policy configuration in the Duo Admin Panel.
Duo Desktop settings
Duo Desktop settings for device registration and health checks
More Duo Desktop settings
Now in General Availability: Duo Admin Panel common header and navigation
- The Admin Panel header and navigation are presented with new design and styles.
- The support content moved from the left navigation to Help menu in the header.
- The width of the experience has been expanded to 1920px.
- The deployment ID and account number are now available in the footer.
- Customers with the ability to have subaccounts on different Duo deployments (such as members of Duo’s MSP program) are included in this general availability release.
Now in Public Preview: SAML Encrypted Assertions for SAML Identity Providers in Duo Single Sign-On (SSO)
- There is a new Assertion encryption setting for Entra ID (Azure ID) and Other SAML Identity Providers that supports encrypted assertions: Allow use of any algorithm that is supported by SAML Identity Provider configuration.
- If enabled, Duo SSO will accept a SAML response using any of the algorithms listed under Assertion encryption algorithm and Key transport encryption algorithm. If disabled, Duo SSO will only accept a SAML response using the specified Assertion encryption algorithm and Key transport encryption algorithm.
- Enable this new setting to opt-in to this public preview feature.
Assertion encryption settings
- Updated the default Assertion encryption algorithm from AES256-GCM to AES256-CBC.
Duo Admin Panel now displays a banner to accounts with a single Owner
- When an account has only one Duo administrator with the Owner role, the Duo Admin Panel Administrators page will now display a banner reminding the sole Owner to add another administrator with the Owner role.
Updated Duo Universal Prompt for Duo Passwordless
- The prompt to complete Passwordless 2FA with a WebAuthn platform or roaming authenticator now offers a link to Other options that lets the end-user select a different authentication method.
Duo Universal Prompt for Duo Passwordless
New and updated applications
Three new named SAML applications with Duo SSO
Duo Device Health application is now Duo Desktop with the latest release
- Adds support for AD FS OIDC Application Group applications.
- Updates the ADFS-Diag.ps1 support script to collect information about Application Groups and NET Framework strong cryptography configuration.
- Reminder that effective October 10, 2023, Duo no longer supports Windows Server 2012 and 2012 R2. Although it is still possible to install the Duo Authentication for AD FS plugin on these versions of Windows Server, we do not recommend it and we will not be able to support it going forward.
- Miscellaneous bug fixes and behind-the-scenes improvements.
- Miscellaneous bug fixes and behind-the-scenes improvements.