News
/
/
privacyIDEA 3.3 allows central management of WebAuthn tokens

WebAuthn

privacyIDEA 3.3 allows central management of WebAuthn tokens

Open source security specialist NetKnights has released a new version of its multi-factor authentication software privacyIDEA. The new version allows organizations to centrally manage users’ WebAuthn tokens in privacyIDEA, making modern authentication technologies available to the enterprise. A new event handler module will also allow individual connection to central logging systems such as Logstash or Splunk.

Kassel, April 6th, 2020 – Open source security specialist NetKnights has released a new version of its multi-factor authentication software privacyIDEA. The new version allows organizations to centrally manage users’ WebAuthn tokens in privacyIDEA, making modern authentication technologies available to the enterprise. A new event handler module will also allow individual connection to central logging systems such as Logstash or Splunk. privacyIDEA 3.3 is now available via the Python Package Index and in repositories for Ubuntu LTS.

WebAuthn as a new authentication method

An important new feature in privacyIDEA 3.3 is support for the WebAuthn protocol. This has been specified by the World Wide Web Consortium (W3C) as a global standard for web-based authentication. privacyIDEA is thus future-proof and will continue to offer the highest flexibility in the selection of modern authentication devices from the Yubikey security token to fingerprints on a smartphone and crypto chips in notebooks.

Users of privacyIDEA can thus achieve a step-by-step modernization of their two-factor authentication by using "old" methods such as SMS, OTP hardware tokens or smartphone apps in parallel with modern methods such as Yubikey, U2F or even WebAuthn, and by gradually replacing them.

Event Handler sends information to Log systems

A great strength of privacyIDEA are the event handlers, with which the administrator can link new actions to events. Version 3.3 offers a new event handler module to forward messages to a central logging system on an event-driven basis. This allows the administrator to store freely definable log information locally and to send it to central logging services for further processing. The developers present the integration using Logstash as an example in the privacyIDEA Community Blog.

New token type for individual rollout scenarios

The IndexedSecret Token is a special type of token that allows users to log on based on existing secret information. This can be particularly useful in complex rollout scenarios.

 

The developers have also optimized and extended the WebUI in several places. The detail view of the policies has been revised to make complex definitions clearer for the administrator. The administrator can now distinguish more precisely between the authorizations of individual administrative users. This is especially useful in larger installations with many administrators or helpdesk employees.

A complete list of changes can be found in the changelog at Github.

Availability

The new version 3.3 of privacyIDEA is now available in the community repositories for Ubuntu 16.04 and 18.04. In addition, NetKnights GmbH offers an Enterprise Edition with support for Ubuntu LTS and RHEL/CentOS and performs custom development for special usage scenarios.

 

Visit our Blog.

Subscribe to our newsletter.

Read the release article at privacyIDEA.org.