Cornelius Kölbel

149 posts

Bug in passOnNoUser policy allows arbitrary authentication

A bug in the passOnNoUser policy allows authentication with an arbitrary password. Affected version: up to privacyIDEA 2.11.2 Propability: Medium Security Severity: High Technical Background The passOnNoUser policy is supposed to check if an authenticating user exists. If the user exists, normal authentication is performed. If the user does not exist in the user […]

privacyIDEA 2.10 released. All for the user – self registration, password reset, token wizard

Today we have pleasure in announcing the release of privacyIDEA 2.10. In this release the two factor authentication solution privacyIDEA eases the lives of the users. Self Registration and Password Reset privacyIDEA comes with a new policy scope “register”. If this policy is set new users may create a new […]

privacyIDEA on CLT2016

privacyIDEA will be at the Chemnitzer Linuxtage (CLT2016) on March 19th and 20th, 2016. Biggest German Linux Event The CLT is the biggest Linux event in Germany with roughly 3000 visitors and 90 talks. Cornelius will give a talk about privacyIDEA on Saturday. This time it will be an organizational talk. If […]