Open Source: LSE presents Authentication Platform LinOTP 2.8 with FIDO U2FToken

(PresseBox) LSE Leading Security Experts GmbH based in Germany, a subsidiary of MAX21 Management- und Beteiligungen AG (ticker symbol: MA1, ISIN: DE000A0D88T), is launching a new version of its Multifactor Authentication concept, LinOTP. A wide range of innovative features ensure considerable improvement in user-friendly handling, security, flexibility and cost efficiency. Support from FIDO U2F facilitates various scenarios in the field of “Bring Your Own Token“.

Innovations of the OATH-certified version LinOTP 2.8 include features such as FIDO U2F support, registration of FIDO U2F, preparing email and SMS tokens in a self-service portal, temporary email and SMS tokens, multiple challenge response tokens per user with identical token PINs and optimized troubleshooting. “With LinOTP 2.8 we are offering companies, which want to provide their staff with secure logins via multi-factor authentication (MFA/2FA), a technically sophisticated, manufacturer-independent and extremely adaptive solution“, explains Sven Walther, Managing Director and CTO of LSE Leading Security Experts GmbH.

Master Key Token “FIDO U2F“

With full support of the U2F protocol of the FIDO Alliance, various logins can be executed securely using one and the same token. This means it is possible to use the user-friendly U2F tokens of various manufacturers as a second factor for authentication. As a result, new scenarios in the field of “Bring Your Own Token“ will in future become reality. The open standard FIDO U2F is especially interesting for large companies on account of its transparency and independence. LSE Leading Security Experts is a member of the FIDO Alliance. Further information on FIDO U2F available at www.fidoalliance.org.

Additional New Features

To facilitate roll-out of the token, users can now also prepare FIDO U2F, email and SMS tokens themselves in the self-service portal of LinOTP, in addition to token types available up to now. All token types available there can be configured via policies from the LinOTP administrator. If a token is lost, a temporary email or SMS token can also be set up in LinOTP 2.8 instead of a temporary password. Another new feature involves the simultaneous setting up of several challenge response tokens per user with identical token PINs.

Availability

LinOTP 2.8 is available now from the repositories of LSE at www.linotp.org as a Debian package. Updated package are available for Ubuntu in LinOTP PPA on Launchpad. LinOTP 2.8 is also available via the Python package index (PyPI). Users of LSE LinOTP Smart Virtual Appliance can obtain LinOTP 2.8 via the integrated update administration.