Open Source: LSE presents Authentication Platform LinOTP 2.8 with FIDO U2F Token
Innovations of the OATH-certified version LinOTP 2.8 include features such as FIDO U2F support, registration of FIDO U2F, preparing email and SMS tokens in a self-service portal, temporary email and SMS tokens, multiple challenge response tokens per user with identical token PINs and optimized troubleshooting. “With LinOTP 2.8 we are offering companies, which want to provide their staff with secure logins via multi-factor authentication (MFA/2FA), a technically sophisticated, manufacturer-independent and extremely adaptive solution“, explains Sven Walther, Managing Director and CTO of LSE Leading Security Experts GmbH.
Master Key Token “FIDO U2F“
With full support of the U2F protocol of the FIDO Alliance, various logins can be executed securely using one and the same token. This means it is possible to use the user-friendly U2F tokens of various manufacturers as a second factor for authentication. As a result, new scenarios in the field of “Bring Your Own Token“ will in future become reality. The open standard FIDO U2F is especially interesting for large companies on account of its transparency and independence. LSE Leading Security Experts is a member of the FIDO Alliance. Further information on FIDO U2F available at www.fidoalliance.org.
Additional New Features
To facilitate roll-out of the token, users can now also prepare FIDO U2F, email and SMS tokens themselves in the self-service portal of LinOTP, in addition to token types available up to now. All token types available there can be configured via policies from the LinOTP administrator. If a token is lost, a temporary email or SMS token can also be set up in LinOTP 2.8 instead of a temporary password. Another new feature involves the simultaneous setting up of several challenge response tokens per user with identical token PINs.
LinOTP 2.8 is available now from the repositories of LSE at www.linotp.org as a Debian package. Updated package are available for Ubuntu in LinOTP PPA on Launchpad. LinOTP 2.8 is also available via the Python package index (PyPI). Users of LSE LinOTP Smart Virtual Appliance can obtain LinOTP 2.8 via the integrated update administration.
LSE LinOTP is an innovative, flexible OTP platform which can be used in a wide range of scenarios to secure user authentication. On account of its highly modular architecture, LinOTP operates on a manufacture-independent basis and supports various authentication protocols, tokens and databases. The software is multi-client compatible, easily scalable, user-friendly and can be implemented swiftly and simply. By using LinOTP, companies can easily implement the highest security standards.