Skip navigation
Industry News

Weak Cipher, TLS 1.0, and TLS 1.1 Deprecation with Duo MFA

TLS 1.0 and 1.1 were deprecated in Mar 2021 with IETF RFC 8996. Today, the baseline TLS version used by most enterprises and businesses is 1.2. Many organizations, particularly those in highly regulated verticals and government agencies, also have to meet their respective compliance requirements. These requirements – like HIPAA, PCI-DSS, etc. – mandate the use of TLS 1.2 as a minimum version to meet the latest security standards. The consequences of not meeting compliance requirements could be huge, ranging from hefty fines to significant legal consequences. 

There are also real security risks of using TLS 1.0 or 1.1 in any IT infrastructure or solutions. Well-known attacks like BEAST (Browser Exploit Against SSL/TLS), POODLE (Padding Oracle On Downgraded Legacy Encryption), etc. target insecure TLS versions, increasing organizational risks in exposing both their own and their users’ valuable data, potentially incurring major financial penalties and legal liabilities.  The ever-evolving hacker landscape also means new cyberattacks will continue to emerge for any businesses that are not moving forward with secure technologies like TLS 1.2 or 1.3. 

What is the impact?

TLS 1.0 and 1.1 and generally weak ciphers will no longer be supported by June 30, 2023 for all existing and new Duo customers.  

This can affect connection requests from: 

  • Duo Windows applications

  • Duo Unix on a Unix/Linux system with OpenSSL version 1.0.0 or earlier

  • Duo SDKs used by custom applications

  • Third-party SDKs that connect to Duo APIs

  • Duo LDAPS application for SSL VPN

  • Duo Mobile still in use on older versions of Android

Duo's supported cipher suite will change on June 30, 2023.

The cipher suite will change from:

OpenSSL cipher name RFC cipher name Deprecation date

DES-CBC3-SHA

TLS_RSA_WITH_3DES_EDE_CBC_SHA

Will be deprecated June 30,2023

AES256-SHA

TLS_RSA_WITH_AES_256_CBC_SHA

Will be deprecated June 30,2023

AES256-SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

Will be deprecated June 30,2023

AES128-SHA

TLS_RSA_WITH_AES_128_CBC_SHA

Will be deprecated June 30,2023

AES128-SHA256

TLS_RSA_WITH_AES_128_CBC_SHA256

Will be deprecated June 30,2023

AES128-GCM-SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

Will be deprecated June 30,2023

AES256-GCM-SHA384

TLS_RSA_WITH_AES_256_GCM_SHA384

Will be deprecated June 30,2023

ECDHE-RSA-DES-CBC3-SHA

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

Will be deprecated June 30,2023

ECDHE-ECDSA-AES128-GCM-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDHE-RSA-AES128-GCM-SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDHE-ECDSA-AES256-GCM-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDHE-RSA-AES256-GCM-SHA384

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDHE-ECDSA-AES128-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

ECDHE-RSA-AES128-SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDHE-ECDSA-AES128-SHA

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

ECDHE-RSA-AES256-SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDHE-RSA-AES128-SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDHE-ECDSA-AES256-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

ECDHE-ECDSA-AES256-SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

ECDHE-RSA-AES256-SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Beginning June 30, 2023, supported cipher suites will change to the following:

OpenSSL cipher name RFC cipher name

ECDHE-ECDSA-AES128-GCM-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDHE-RSA-AES128-GCM-SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDHE-ECDSA-AES256-GCM-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDHE-RSA-AES256-GCM-SHA384

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDHE-ECDSA-AES128-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

ECDHE-RSA-AES128-SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDHE-ECDSA-AES128-SHA

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

ECDHE-RSA-AES256-SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDHE-RSA-AES128-SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDHE-ECDSA-AES256-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

ECDHE-ECDSA-AES256-SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

ECDHE-RSA-AES256-SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Note: There are some operating systems that only support specific ciphers that may be considered weak by industry standards. We are planning to deprecate them in the future when this OS dependency is no longer an issue.

Australia region cipher suites will remain unchanged on June 30, 2023, and will continue to support only the following ciphers:

OpenSSL cipher name RFC cipher name

ECDHE-ECDSA-AES128-GCM-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDHE-RSA-AES128-GCM-SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDHE-ECDSA-AES256-GCM-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDHE-RSA-AES256-GCM-SHA384

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDHE-RSA-AES128-SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDHE-RSA-AES128-SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

What action do you need to take?

Please follow our guide to updating Duo for TLS version 1.2 and plan for the migration as soon as possible, as otherwise it may cause service disruption on June 30, 2023. 

We understand that there will be situations when legacy systems may not be able to upgrade to higher TLS versions in the near future. We want to ensure that we’re preventing service disruption for customers that have legacy systems in place. In order to make this possible, we are providing a feedback form for customers in this situation and we  will work with you to ensure that there will be a viable solution moving forward.