Summary: Following the release of Passbolt Cloud 5.7, users authenticating with DUO as a second factor may be unable to complete the login flow when using the browser extension.
Impact: Affected users: Passbolt Cloud users who rely on DUO for second-factor authentication via the browser extension.
Symptoms: Authentication cannot reach DUO services.
Not affected: Self-hosted Passbolt instances are not impacted.
Root cause: This issue is caused by stricter Content Security Policy (CSP) rules introduced in Passbolt 5.7, which unintentionally block parts of the DUO authentication flow when used with the browser extension.
Workarounds:
- Users can use Firefox, which is not impacted by the issue;
- Users can connect with another MFA method, if one was configured prior to the incident;
- Administrators can disable MFA for a user requiring immediate access;
- Administrators can disable DUO MFA for the whole organization.
Resolution status: The team has identified the issue and is actively working on a fix.
An update will be communicated as soon as a patch or workaround is available.