Authentication

10 posts

Bug in passOnNoUser policy allows arbitrary authentication

A bug in the passOnNoUser policy allows authentication with an arbitrary password. Affected version: up to privacyIDEA 2.11.2 Propability: Medium Security Severity: High Technical Background The passOnNoUser policy is supposed to check if an authenticating user exists. If the user exists, normal authentication is performed. If the user does not exist in the user […]

Two-Factor-Authentication with OTP on CentOS 7

This Howto describes the setup of privacyIDEA on CentOS 7 including a FreeRADIUS 3 configuration. This Howto is provided by Patrick Hirschbühl. Thanks a lot for this contribution! privacyIDEA + MySQL on CentOS 7 Minimal Installation of CentOS 7 yum -y install net-tools yum -y install wget NetworkManager-tui Example for […]