Posts

,

privacyIDEA 2.19 – Performance, U2F and secure Smartphone Apps

Today we released privacyIDEA 2.19. Packages are available in the Launchpad-Repos for Ubuntu 14.04LTS and 16.04LTS. You can also install privacyIDEA on any Linux distribution using the python package index.

New Features in privacyIDEA

Authentication performance

privacyIDEA 2.19 is up to 72% faster!

In tests in the lab privacyIDEA 2.19 shows improved performance. Authentication requests are up to 72% faster than in the previous version. This is also due to a new generic user cache. This user cache stores the link between login name and user object in the local SQL database. Thus time consuming requests to the originial user store like LDAP servers or Active Directory get obsolete.

Filter U2F devices for the users

Using policies the administrator can define which type of U2F device the user is allowed to register. In further policies the administrator can also define, which U2F types the users can use to authenticate at certain applications. This way the usage of certain U2F devices can be denied in your company or certain devices from specific vendors can be required for login to sensitive systems.

Secure smartphone apps with privacyIDEA

The classical smartphone app enrollment comes with several problems, which privacyIDEA 2.19 can solve.

In a previous blog post we already pointed out the limitations of the usual smartphone enrollment with the Google Authenticator.  As a company or large organization you want to keep control over the enrollment processes of your users. Thus in version 2.19 of privacyIDEA a better rollout possibility was added. The smartphone and the privacyIDEA server do a mutual key generation. Both create a component, the secret key is generated from both components. This avoids easy copying of the QR-Codes.

Read more details in the privacyIDEA Blog.

More functions

Version 2.19 comes with further detail improvements like using the IP address or the browser user agent in the event handler framework. The date and timeformat was consolidated. Now the complete ISO date with timezone is saved to the database. This heavily eases working across timezones in international setups.

You may want to take a look at the complete Changelog.

Enterprise Edition and Consultancy

NetKnights provides consulting and support with the privacyIDEA Enterprise Edition. Using Open Source you optimize your total cost of ownership this way, that there are no external limitations which dictate how long or short your may use the software. Getting the privacyIDEA Enterprise Edition including an SLA you get the warranty and thus operating safety.

 

You want to stay tuned? Please subscribe to our newsletter!

You want to test the system yourself? Register for a test instance!

You want to know more? Get in touch!