We are proud to announce the availability of privacyIDEA 2.9. Features Yubico Validation Protocol Version 2.9 comes with support for the Yubico Validation Protocol. This way you can use common Yubico client like the PAM module for Mac OS. privacyIDEA’s yubico validation protocol can be reached via /ttype/yubikey. For more […]
Whatsup
We are happy to announce that we released privacyIDEA 2.8 with great improvements in U2F and SAML. Features U2F authentication at other services privacyIDEA was heavily improved as far as U2F is concerned. privacyIDEA can now take trusted facets, so that you can use the U2F token, that you registered with privacyIDEA […]
privacyIDEA was at the OpenRheinRuhr on November 7/8, 2015 and I conducted a workshop about privacyIDEA. This year I thought of something special for the privacyIDEA booth. Many people were always wondering: “what is privacyIDEA?” “Is it a firewall?”, “Is it a VPN?”, “Where do I need to install it?” The network setup […]
We just released privacyIDEA 2.7. This version contains one big new feature and several enhancements, which hopefully ease your daily life. We added U2F support, that can be used at the moment by administrators and users to login to the privacyIDEA Web UI. Enrolling the U2F token is easy just […]
privacyIDEA will be at OpenRheinRuhr in Oberhausen at November 7th/8th. There will be a stand in the exhibition and we also planned to provide a privacyIDEA workshop to get you up and running easily.
A bug in the policy module prevents authenticating with a serial number. Affected version: privacyIDEA 2.6 Propability: High Security Severity: Low Technical Background privacyIDEA allows to authenticate with a username or a token serial number. I.e. the API can do a POST /validate/check user=username pass=PIN+OTP or a POST /validate/check serial=serialnumber […]
Today privacyIDEA version 2.6 was released. This release eases the way of authentication by providing a new token TiQR. The TiQR token is based on the OCRA protocol, which is a challenge response protocol, that can be used to authenticate or to sign transaction data. The TiQR token is a […]
A bug in the LDAP Resolver can lead to unauthorized access as an LDAP user. Under certain conditions a rogue user can login as an LDAP user to the privacyIDEA web UI or guess a static password part during authentication when the policy scope=authentication, otppin=userstore is used. Details Preconditions This problem […]
You are using two factor authentication to improve your security or to fullfill certain needs? You may now take security to the next level as privacyIDEA will support a 4 eyes principle starting with version 2.6. We just pushed the implementation to the development branch. Using this new meta token you can […]
September, 18th and 19th / Kiel, Germany privacyIDEA will be at Kielux at the exhibition. There will also be a Workshop, where you get a ready installed privacyIDEA setup to play with. Get a free Yubikey to test two factor authentication and check all possibilities you get with privacyIDEA. You […]