11. September 2023

Multi-factor authentication privacy IDEA version 3.9 is released

The IT security company NetKnights has released version 3.9 of the professional multi-factor authentication software privacyIDEA. The new token types daily password and application-specific password enable administrators to manage authentication to old applications centrally in privacyIDEA, even in heterogeneous environments.

The IT security company Netknights releases version 3.9 of its professional multi-factor authentication software privacyIDEA. The new token types daily password and application specific password allow administrators to centrally manage authentication to existing applications in privacyIDEA, even in heterogeneous environments. Authentication with PUSH tokens and the management of SSH keys has been improved. The new version is available now via the Python Package Index and in the community repositories for Ubuntu 20.04 and 22.04.

New types of Tokens: daily passwords and application specific passwords

Within heterogenous corporate networks, at universities and in grown structures, modern authentication methods such as FIDO2 cannot be implemented extensively.
Therefore, privacyIdea 3.9 offers two new types of tokens to ensure a central management. These new token can be used by admins and users and managed alongside with their other tokens in privacyIDEA.

The daily password is a code, which is valid for a specific and configurable period of time. This way, users can log in to applications, which cache login data. The privacyIDEA authenticator app offers the equivalent on the user interface.

The daily password token allows the user to log in with the same code over a longer period of time.

Some smartphone clients (e.g. email-clients) store the domain password to provide the corresponding functionality on the smartphone. To prevent a user from having to use the domain password, privacyIDEA allows users to define passwords only for one specific application but not for other ones. This protects the more sensitive domain password. Nevertheless, the centralized management enables users and administrators, to maintain a clear overview.

privacyIDEA can generate and manage application-specific passwords for legacy applications.

SSH key management

privacyIDEA can manage SSH keys. By doing that, it can be defined which SSH-Keys have access to which servers.
The new version enables users and administrators to create server-groups such as „webserver“ or „productive applicationserver“. This makes the configuration more easier, as new servers only have to be included in the corresponding server group.

The owner of the SSH key is allowed to log in as the “root” user on all production application servers.

PUSH-login improved

PrivacyIDEA in combination with the privacyIDEA authenticator enables an easy authentification via PUSH-notification.
Within version 3.9 users can decline PUSH-notifications, which leads to a cancellation of the login process on the server.
Moreover, more mechanisms were developed to prevent hacking via PUSH-notifications (also called PUSH fatigue).
You can find all changes in detail in the changelog on GitHub. At Github, all components of privacyIDEA are also being further developed as open source software under AGPLv3 under the leadership of NetKnights GmbH.

Availability

The new version 3.9 of privacyIDEAis now available via the Python Package Index as well as in the comunity repositories for Ubuntu 20.04 and 22.04. Additionally, Netknights GmbH offers the Enterprise Edition with support for Ubuntu LTS, RHEL/CentOS and appliance tool and performs custom development for special requirements.

About privacyIDEA

privacyIDEA is an open source multi-client and multi-instance capable system for multi-factor authentication. The development is done transparently at Github. The administrator can easily install or update the system via the Python Package Index or Ubuntu repositories. A few weeks after the community major version is released, NetKnights will also release a stable enterprise version for Ubuntu LTS and RHEL/CentOS.

You can get more information about development and news at https://netknights.it/aktuelles/.

Link to privacyIDEA project: www.privacyidea.org/privacyidea-3-9-released/

Latest press releases

Multi-factor authentication privacy IDEA version 3.10 is released

The IT security company NetKnights has released version 3.10 of the professional multi-factor authentication software privacyIDEA. The organisation of tokens in containers enables user-friendly and clear management of tokens for admins and users. As a new authentication method, WebAuthn version 3.10 can now also be used offline. Furthermore, authentication using PUSH tokens has been extended.

privacyIDEA releases privacyIDEA PAM and privacyIDEA Shibboleth Plugin

NetKnights GmbH provides interested users with the privacyIDEA Pluggable-Authentication-Module (PAM) for Linux in beta version and the privacyIDEA Shibboleth Plugin in version 1.0.0. While the privacyIDEA PAM enables multi-factor authentication on Linux systems, the privacyIDEA Shibboleth Plugin extends the privacyIDEA SSO Plugin family.

Suche

Drücken Sie "Enter" zum Starten der Suche

Search

Press "Enter" to start the search