Skip navigation

Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.

Documentation

Duo for Outlook Web App (OWA) - Release Notes

Last Updated: March 15th, 2019

Duo adds two-factor authentication to Outlook Web App (OWA) logins, complete with inline self-service enrollment and Duo Prompt.

Version 1.3.2 - April 2018

  • Support for UPN usernames
  • Internal whitelist for Exchange 2013 and 2016 built-in health mailboxes
  • Separate installers and instructions for Exchange 2010 and Exchange 2013 and later
  • Exchange 2013 and later installations now require .NET Framework 4.5 and ASP.NET 4.5
  • TLS 1.1 and 1.2 support for Exchange 2013 and later

Version 1.2.1 - October 2017

  • Duo Web SDK 2.6

Version 1.2.0 - April 2016

  • Adaptive sizing for Duo authentication prompt
  • Supports SSL offloading
  • Supports OWA on Exchange 2016

Version 1.1.9 - November 2014

  • Fail mode refinements

Version 1.1.7 - September 2014

  • Expanded two-factor protection to ECP site

Version 1.1.5 - April 2014

  • Bugfixes

Version 1.1.3 - April 2014

  • Fixed double-prompt for primary credentials with some Exchange Server 2013 installations
  • Fixed installer issues on systems using certain international date formats

Version 1.1.2 - January 2014

  • Fixed time-synchronization with Duo's service
  • Fixed incorrect handling of client IP addresses

Version 1.0.8 (for Exchange Server 2007) - January 2014

  • Fixed an issue in which high usage could incorrectly cause Exchange Server to exceed its session limit

Version 1.1.1 - November 2013

  • Added support for Exchange Server 2013
  • Added fail-open mode
  • Fixed post-login redirection for deep links
  • Removed the option to strip Windows domains from usernames (superseded by the username normalization option for applications set in the Admin Panel)
  • Removed support for Exchange Server 2007

Version 1.0.6 - August 2013

  • Added support for Duo's new enrollment frame
  • Fixed permissions errors when using multiple IIS Application Pools

Version 1.0.5 - May 2013

  • Fixed incorrect usage of persistent cookies

Version 1.0.4 - August 2012

  • Fixed a compatibility issue with HTTPS-only cookies

Version 1.0.3 - June 2012

  • Added an option to strip Windows domains from usernames