privacyIDEA 2.9 with Yubico Protocol and new Token Types

We are proud to announce the availability of privacyIDEA 2.9.


Yubico Validation Protocol

Version 2.9 comes with support for the Yubico Validation Protocol. This way you can use common Yubico client like the PAM module for Mac OS. privacyIDEA’s yubico validation protocol can be reached via /ttype/yubikey. For more detailed developer information you may read the module specification.

Questionnaire Token

Questionnaire Token: Lets you define and answer a list of questions. During authentication a challenge response is performed.

The questionnaire token lets a user answer a list of questions. The questionnaire token then acts as a challenge response token. After entering the password or OTP PIN, the user is asked an random question, which he needs to answer accordingly.

Paper Token

Paper Token: Lets you print a list of OTP values – some kind of TAN list.

The paper token lets a user print a list of OTP values, which he can use to authenticate. Internally the paper token is an HOTP token. The printed sheet of paper can be cut and folded and carried in the users wallet.


Besides these new features privacyIDEA 2.9 comes with a list of further enhancements:

  • Add Web UI view to display the active challenges.
  • The issuer for the Google Authenticator app can be configured.
  • The LDAP machine resolver uses an LDAP server pool.
  • The LDAP user resolver returns a list of mobile numbers.


The following issues have been fixed in privacyIDEA 2.9:

  • The test email for the email token now has a sent date.
  • Fix problem when using encrypted encryption key.
  • Fix upper case problem when logging in to web UI with REMOTE_USER.
  • Fix allow set an empty PIN in the web UI.
  • Fix import of token file in Web UI.

Download, Install, Upgrade

You can download privacyIDEA from the usual locations. Upgrade is fairly easy, since there are no changes to the database schema from 2.8 -> 2.9.

Please read the installation documentation for further information.

Leave a comment