The new release 2.5 of the privacyIDEA ownCloud app allows the administrator to define which client should require 2FA and which is ok with only a password. This is based on the IP address of the clients. This way e.g. users would not need a second factor when accessing ownCloud […]
On Sunday February 3rd I will give a talk how you can use privacyIDEA to add enterprise grade multi factor authentication to ownCloud. privacyIDEA is easy. And flexible. It is probably the most flexible open source multi factor authentication systems around. And some scenarios are easy. So easy that you […]
End of April we will attend two conferences to present the interesting possibilities of privacyIDEA to the world. Grazer Linuxtage, Graz – Austria At the Grazer Linuxtage Friedrich will give a talk about how privacyIDEA can be an alternative for classical, proprietary two factor solutions like RSA SecurID, Vasco or […]
With privacyIDEA 2.22 we added the possibility to pass more useful userinformation to a RADIUS client like a VPN. The administrator can add a policy to include the resolver and the realm of a user who authenticated successfully. This response data can then be used in the FreeRADIUS plugin and modified by regular expressions to add any arbitrary RADIUS attribute in the RADIUS response, which then would be sent to the VPN. This additional information can be used by Cisco ASA, Citrix Netscaler or any other enterprise grade VPN to put the user into certain subnets or to assign resource to the user.
A bug in the WebUI can lead to disclosure of the credentials of previously logged in users. Under certain conditions a local, physical attacker can get access to passwords of previously logged in users from the WebUI. Details Preconditions This problem occurs, if the following conditions apply: A logged in […]