Who will be affected?

This may affect FDU community users using Windows 7, Windows 8.1, Android Devices with Android OS version 9 or lower, and Apple devices with iOS versions that don’t support TLS 1.2.

Check if you are using the supported endpoints by reading the information below:

Windows

Supported Windows operating system (OS) versions will support TLS 1.2 by default. If you are running a supported Windows OS, no action is required.

Unsupported Versions for Windows Operating Systems

Check OS Version

• Open the Windows Search box and type “About your PC” and click on “Open“
• Under Windows Specifications, check which edition and version of Windows your device is running

Enabling TLS 1.2 on your Operating System

If your operating system was manually changed to disable TLS 1.2 for some reason, you can verify or configure your system for TLS 1.2.

Before making any changes, create a backup of the registry:

1. In the Windows Registry Editor, locate and click the “Protocols registry key” or “subkey“
   that needs to be backed up
2. Click “File”, then “Export”
3. In the Export Registry File dialog box, select the filename and location of where to save the backup
4. Click “Save”

After creating a backup of the registry, follow the steps below to enable TLS 1.2 on your system:

1. Click the Start menu, type “regedit” and press the Enter key. The Registry Editor window should be opened.
2. Navigate to follow the registry path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
3. Check if the subkey of TLS v1.2 is enabled for both the server and the client. Each protocol’s state is controlled by two keys: Enabled and DisabledByDefault
4. Make sure the Enabled value is 1 and the DisabledByDefault value is 0 or missing, the protocol is enabled.
5. If the Enabled value is 1 but the DisabledByDefault value is 1, the protocol is disabled by default – it will not be used unless another host explicitly requests it during negotiation.
6. If the Enabled value is 0, the protocol is disabled
7. Restart the system to ensure the new settings take effect

DUO Mobile

Supported Duo Mobile applications running on supported OS versions will support TLS 1.2+ by default. If you are running a supported Duo Mobile application on a supported OS, no action is required.

• Supported Android OS versions: Android 10.0 and greater
• Supported iOS versions: iOS 14.0 and greater

Web Browsers

Common web browsers like Google Chrome, Microsoft Edge, Mozilla Firefox, Opera, etc. with their latest version are supporting TLS 1.2.

Chrome and Microsoft Edge

1. In the Windows menu search box, type “Internet Options”
2. In the Internet Properties window, on the Advanced tab, scroll down to the Security section
3. Make sure the “User TLS 1.2” checkbox is checked

4. Click “OK” and restart the browser

Mozilla Firefox

1. Open the Mozilla Firefox Browser
2. In the address bar, type “about:config” and press “Enter“
3. In the Search Field type “tls”. Find and double-click the entry for “security.tls. version. min”
4. Make sure the integer value is 3 to force a minimum protocol of TLS 1.2

5. Click “OK” and restart the browser

We understand that upgrading your device is not always an option. In these instances, you can still use Duo Passcodes to perform multi-factor authentication.

1. To use this method, select “Enter a passcode” upon receiving your browser’s Duo security prompt

2. Next, open the Duo app and click “Show”. This will provide a six-digit passcode which you can enter into the browser prompt

3. Enter the six-digit passcode from the DUO app and click “Log in”

See also