Cisco-owned multi-factor authentication (MFA) provider Duo Security is investigating an ongoing outage that has been causing authentication failures and errors starting three hours ago.
The outage also led to Core Authentication Service issues across multiple Duo servers, triggering Azure Auth authentication errors for Azure Conditional Access integrations in a systemwide outage.
While the Azure Auth issue auto-resolved, customers are still reporting experiencing problems (including authentication slowness and failures when logging in.
Some users also see “System under heavy load. Please wait a few minutes and try again.” errors when trying to sign in using Duo, according to reports on the outage tracking site DownDetector.
“We are currently investigating authentication errors on DUO1 and are working to correct the issue as soon as possible,” the company said in an incident report filed over three hours ago.
We are continuing to work towards a resolution for these errors,” Duo added 30 minutes ago following a previous update saying that it had “identified the issue causing authentication slowness and failures to load the Duo Prompt and are working toward resolution.”
According to the company’s status page, Duo’s cloud-hosted single sign-on (SSO) and push delivery services are currently affected by major outages.
On the other hand, its HTTPS (TCP/443) and LDAP(S) (TCP/389) endpoints used by its Core Authentication Service were only hit by what Duo describes as a partial outage.
Duo’s MFA, SSO, remote access, device trust, and access control services are used by over 40,000 customers, ranging from small and medium businesses to state, local, and federal government agencies.
Update August 21, 18:01 EST: Almost nine hours after first acknowledging the outage, Duo says the root cause of the authentication failures has been resolved.
“The issue causing authentication failures on DUO1 has been fully resolved. All authentications are working as expected,” Duo said.
Source: www.bleepingcomputer.com