
LinOTP is Linux-based software for managing authentication devices used for two-factor authentication with one-time passwords. It is implemented as a web service based on the Python framework Pylons, so it requires a web server to run in. LinOTP is mainly developed by the German company KeyIdentity GmbH. Its core components are licensed under the Affero General Public License. It is an open source authentication server, and its 2.4 version is certified by the OATH initiative for open authentication.


Overview

As a web service, LinOTP provides a REST-like web API. All functions can be accessed via Pylons controllers. Responses are returned as a JSON object. LinOTP is designed in a modular way, with separate user store modules and token modules. This makes it capable of supporting a wide range of different tokens.


Features

* Supported tokens:
:* SafeNet eToken Pass
:* SafeNet Safeword Alpine
:* mOTP
:* Lost token
:* Paper token
:* Feitian C-100 (HOTP)
:* Feitian C-200 (TOTP)
:* Feitian C-300 (OCRA)
:* Feitian c601 (optical OCRA)
:* Authenex A-Key V 3.6
:* Yubico Yubikey
:* Gemalto Ezio Token
:* Smartdisplayer
:* NagraID 106/103
:* NagraID 306 (OCRA)
:* BR Token SafeSIGNATURE
:* LSE Simple Pass token
:* LSE Remote Token
:* LSE Radius Token
:* LSE Tagespasswort Token
:* Apps for iPhone and Android like the Google Authenticator
:* Any HOTP/TOTP and OCRA Token
* Yubikey mass enrollment via CLI
* Support for token databases like SQLite, MySQL, PostgreSQL, Oracle, DB2
* Management via web interface or command line client
* Users stored in flat files
* PAM module
* SAML
* OpenID
* FreeRADIUS connection via rlm_perl
* Selfservice
* Import of XML Token files
* Management functions:
:* enroll/assign tokens
:* synchronize, resynchronize, automatic resynchronization
:* activate/deactivate/delete tokens
:* autoassignment
:* lost token scenario
:* find token by OTP value
:* get OTP value
* Detailed Policies Definitions
* Sophisticated Audit API
* Multitenancy


Source Code

Because LinOTP is written in Python, the program itself is distributed as source code.


Project web site



See also

* One-time password
* Tokens
* TOTP
* HOTP
* Multi-factor authentication
* OTPW
* privacyIDEA
* OPIE Authentication System
* Google Authenticator
* Pylons project
* Comparison of TOTP applications

