If a company or an organization wants to provide two factor authentication for thousands of users they are faced with totally new challenges.
Users will not come to the administrators desk. The administrator will not enroll a hardware token or initialize the user’s smartphone with the Google Authenticator on a per user basis. There are so many users, that the administrators or helpdesk users do not even know all the end users anymore. There must be a solution, that the enrollment process itself hands the authentication object to the user and ensures the identity of the user -- preferably automatically!
Users might be spread over cities, countries -- worldwide. They are ordinary end users and often not computer savvy. The rollout and the usage of two factor authentication should bother neither the end user nor the IT department too much.
Two factor authentication for thousands of users with privacyIDEA
At FOSDEM Cornelius Kölbel, founder of NetKnights, gave a talk about these challenges and how privacyIDEA can help to do successful two factor authentication projects using privacyIDEA.
FOSDEM is the largest Open Source developer conference world wide. privacyIDEA integrated well with Open Source solutions and Proprietary solutions like Netscaler, ASA, Checkpoint and many more.
Facilitating a simple but powerful REST API and a flexible event handler framwework privacyIDEA allows the smooth integration into existing workflows. This way the effort for end users and the IT department can be minimized to the max during enrollment and using two factor authentication.