The World Wide Web Consortium (W3C) i
s implementing privacyIDEA for securing access to their infrastructure with a second factor. The privacyIDEA Authentication System was chosen due to its flexible nature and the possibility to allow a single sign on experience for the users.
The services and especially the users are distributed world wide. Shipping authentication devices centrally is not efficient. Distributing authentication devices to users is not practical. Allowing only one type of authentication object is not an option. For W3C this is a big advantage that privacyIDEA
can manage many different token type of different vendors at the same time. Dies können Smartphones mit Apps oder SMS, klassische Hardware-OTP
-Token, Nitrokeys, YubiKeys, U2F
-Geräte, TiQR-Token uvm. sein.
The lean REST API allows easy integration into their own user portal. W3C connected privacyIDEA to their existing user management. privacyIDEA is connected to the already existing user management. Users will be able to choose if they want to self-enroll Smartphone-Applications or U2F
devices. Depending on the device type users gain access to resources of different security levels. Depending on the type, the user can then be granted access to resources of different security levels.