Immediate Action Recommended for Certain SSO Agent Deployments to Handle Google Chrome 80 Changes
On February 18, 2020, Google will slowly roll out a change to the cookie behavior in Google Chrome version 80 or later. This changed cookie behavior does not affect most RSA SecurID Access users. However, there is a possibility that users who have version 80 and authenticate to the RSA SecurID Access Application Portal might experience step-up authentication failure if the authentication session is longer than two minutes. This does not affect deployments that use RADIUS or relying parties.
If this issue affects your users, do the following:
Update your load balancer configuration if you have configured High Availability in your SSO Agent deployment and have configured both your load balancer to use the SPBALANCEID cookie for session persistence and SameSite to be enforced by the users' browsers. Modify your load balancer configuration to set SPBALANCEID as Secure and SameSite=None.
If you manage session persistence in another way, you do not need to make this load balancer change.