LinOTP is an open source solution OTP maintained by the German company LSE Leading Security Experts GmbH. It is distributed under AGPLv3 .
OTP means “One Time Password”: indeed, the OTP passwords are generated at a given time , valid for a short period and usable once. Generation is done with suitable materials, such as tokens or even smartphones applications.
In practice, the end user authenticates by entering its ID, the Password – which corresponds to a static password that is stored – and achieved through hardware OTP. It is in this sense that we can speak of system with two -factor authentication (two -factor authentication), because it is based on something that we know – Password – and something that we have – the token or smartphone.
Thus, the OTP solves a number of problems inherent in the use of static passwords classics:
It is no longer subject to the limits of the human factor, which often involves compromise on the complexity of the password, and the irregularity of the change.
Especially dictionary attacks become ineffective.
Brute force are also limited because they can not rely on random testing in a large key space.
Silent recovery password (via network listening, installing a spy, or social engineering) is not sufficient to authenticate. In addition, a method of OTP generation is based on time synchronization: the tokens and OTP authentication server are set to the same time. furthermore, for each token is defined as a secret key is recorded in the database server . It is the combination of these two parameters and that enables generation of a validation OTPs.
LinOTP, an open source solution
LinOTP OTP is the open source solution we chose. It is at the center of the authentication mechanism:
Interface user connection requests LinOTP validate or not authentication. LinOTP consults a database of existing users (Radius / LDAP) Information regarding materials is stored in OTP its own database.
LinOTP is a true OTP solution meets business needs.
Moreover, it includes a very responsive support service that could meet our expectations.
Finally, our experience with LinOTP was very positive because it allowed us to position ourselves on a new point of the security sector . So we are now able to offer our customers the integration of a true OTP open source, enabling them to improve the reliability of the user authentication process solution.
LinOTP Architecture:
The below diagram shows the architecture of LinOTP solution!
Supported tokens:
SafeNet eToken Pass
SafeNet Safeword Alpine
motp
Lost token
Paper token
Feitian C-100 (HOTP)
Feitian C-200 (TOTP)
Feitian C-300 (OCRA)
Feitian c601 (optical OCRA)
Authenex A-Key V 3.6
Yubico Yubikey in OATH mode
Yubico Yubikey authentication against Yubico Cloud service Yubico Yubikey in AES mode
Gemalto Ezio Token
Smartdisplayer
NagraID 106/103
NagraID 306 (OCRA)
BR Token SafeSIGNATURE
LSE Simple Pass token
LSE Remote Token
LSE Radius Token
LSE Tagespasswort Token
Apps for iPhone and Android like the Google Authenticator Any HOTP/ TOTP and OCRA Token
