Remember Me? Duo & Apple Safari 13.0.3

21 Nov Remember Me? Duo & Apple Safari 13.0.3

Overview

At the University of Utah, all employees required to use Duo two-factor authentication (2FA) when logging in to use certain online university applications and information technology systems. For example, how employees access Box, CIS, and Kronos, VPN, Citrix, and ePrescribe, etc.

Two-factor authentication provides an extra layer of security by requiring a user to log in with a username/password combo plus a second method of verifying the user’s identity. The second method is something the user has physical access to, like a cell phone or tablet. This ensures that even if a hacker manages to obtain a user’s login credentials, the information is useless without access to the user’s secondary device.

Remember Me?

With the release of Apple Safari 13.0.3 there is a known issue where the “Remember me” option cannot be selected.

From our testing, this appears to be only an issue only with macOS 10.14.6 after the Security update 2019-001. We couldn’t replicate the issue on macOS 10.13.6 nor on macOS 10.15.x with the recent security updates.

According to the following Duo knowledge base article a fix will be released for this issue in early December 2019.

There is a known issue in Safari 13.0.3 where the "Remember me" option cannot be selected.
A fix will be released for this issue in early December 2019.

https://help.duo.com/s/article/2189?language=en_US

So, in the interim, until this is fixed, you could use alternative web browsers like Mozilla Firefox, Google Chrome, etc or not depend on the “Remember me” option which extends your 2FA re-authorization period, which at the University of Utah is currently 12 hours.