privacyIDEA was at the OpenRheinRuhr on November 7/8, 2015 and I conducted a workshop about privacyIDEA. This year I thought of something special for the privacyIDEA booth. Many people were always wondering: “what is privacyIDEA?” “Is it a firewall?”, “Is it a VPN?”, “Where do I need to install it?” The network setup […]
Blog
163 posts
Two factor authentication or multi factor authentication is ment to raise the bar for attackers. They ought to sniff, brute-force or social-engineer your password and in addition steal or “borrow” your hardware token for a “test”. Still, I wish to think that the Yubikey – being the product of originally a sole Swedish company […]
This blog will show how you can use privacyIDEA to secure your SSH login. In this case users need to provide an SSH Key and in addition an OTP token and an optional password. Thus you have the following authentication factors: SSH Key (soft possession factor – copyable!) optional passphrase on […]
Attention: This HowTo is outdated! There is an improved HowTo included in the privacyIDEA documentation This Howto describes the setup of privacyIDEA on CentOS 7 including a FreeRADIUS 3 configuration. This Howto is provided by Patrick Hirschbühl. Thanks a lot for this contribution! privacyIDEA + MySQL on CentOS 7 Minimal […]
We just released privacyIDEA 2.7. This version contains one big new feature and several enhancements, which hopefully ease your daily life. We added U2F support, that can be used at the moment by administrators and users to login to the privacyIDEA Web UI. Enrolling the U2F token is easy just […]
privacyIDEA will be at OpenRheinRuhr in Oberhausen at November 7th/8th. There will be a stand in the exhibition and we also planned to provide a privacyIDEA workshop to get you up and running easily.
A bug in the policy module prevents authenticating with a serial number. Affected version: privacyIDEA 2.6 Propability: High Security Severity: Low Technical Background privacyIDEA allows to authenticate with a username or a token serial number. I.e. the API can do a POST /validate/check user=username pass=PIN+OTP or a POST /validate/check serial=serialnumber […]
Today privacyIDEA version 2.6 was released. This release eases the way of authentication by providing a new token TiQR. The TiQR token is based on the OCRA protocol, which is a challenge response protocol, that can be used to authenticate or to sign transaction data. The TiQR token is a […]
A bug in the LDAP Resolver can lead to unauthorized access as an LDAP user. Under certain conditions a rogue user can login as an LDAP user to the privacyIDEA web UI or guess a static password part during authentication when the policy scope=authentication, otppin=userstore is used. Details Preconditions This problem […]
You are using two factor authentication to improve your security or to fullfill certain needs? You may now take security to the next level as privacyIDEA will support a 4 eyes principle starting with version 2.6. We just pushed the implementation to the development branch. Using this new meta token you can […]