
privacyIDEA is a two-factor authentication system which is multi-tenancy- and multi-instance-capable. It is open source, written in Python and hosted at GitHub. privacyIDEA is a fork of LinOTP from 2014.


Fields of use

privacyIDEA provides an authentication backend for various kinds of applications (including SSH, VPN, as well as web applications such as ownCloud). Thus it is meant to replace classical proprietary two-factor authentication systems such as RSA SecurID or Vasco. It supports single sign-on via SAML. It is also possible to log in with a second factor to Windows desktops using a privacyIDEA Credential Provider.


Installation

privacyIDEA runs on-premises as a web application on a Linux system. It can be set up quickly and easily. It can run on Debian, Ubuntu and RedHat.


Authentication devices

privacyIDEA supports a wide variety of authentication devices. Amongst those are hardware tokens like Feitian C200, the YubiKey by Yubico or other U2F/WebAuthn devices. Many smartphone apps compliant with HOTP and TOTP are also supported.

