NEW 126.96.36.199 VERSION OF 2014-11-04
is a PHP class and a powerful command line utility OATH certified developed by SysCo systèmes de communication sa in order to provide a completely free and easy operating system independent server side implementation for strong two factors authentication solution.
Nowadays, spywares, viruses and other hacking technologies (including bugs exploitation like Heartbleed
) are regularly stolen passwords typed by the user.
By using a strong two factors authentication solution, the stolen passwords cannot be stored and used later anymore because each password (called OTP for One-Time Password) is only valid for one authentication and will failed if used a second time.YubiKey in proprietary mode Yubico OTP (NEW in version 188.8.131.52)
It's now possible to use YubiKey in proprietary mode Yubico OTP. Tokens are provisioned by importing the log file in traditional format.Active Directory password support (NEW in version 184.108.40.206)
It's now possible to use the Active Directory password instead of a PIN code.Tokens CSV import (NEW in version 220.127.116.11)
It's now possible to put your old hardware tokens definition in a CSV file and to import it directly into multiOTP
.NT_KEY generation (NEW in version 18.104.22.168)
NT_KEY is now generated by multiOTP
and displayed for further handling by FreeRADIUS.Lot of new QA tests (NEW in version 22.214.171.124)
More than 60 different tests (for the library and the command line) are integrated with multiOTP
.Better MySQL(i) support (NEW in version 126.96.36.199)
MySQL support has been improved in multiOTP
and the mysqli library support is also supported.Active Directory (or LDAP) integration (since version 4.2.2)
can create strong authentication accounts automatically for users that are present in a specific group of the Active Directory (or the LDAP) of the company.Enhanced integrated web interface (since version 4.2.2)
provides now a web interface in order to import hardware tokens, create accounts, synchronize tokens or unlock accounts.MS-CHAP and MS-CHAPv2 support (since version 4.2)
supports now MS-CHAP and MS-CHAPv2 encrypted authentication requests.
Tokens resynchronisation without prefix code (since version 4.2)
doesn't need anymore the prefix code in order to resynchronise hardware tokens.
OATH certified (since version 4.1)
is now OATH certified for HOTP/TOTP and is compatible with any token that is also certified. PSKC encrytped files are supported.Rasperry Pi nano-computer supported (since version 4.1)
provides all necessary files in order to create your own strong authentication device using a Raspberry Pi.Self-registration and automaic resynchronisation (since version 4.1)
offers the user the possibility to self-register his hardware token. It is also possible to resynchronize a token during the authentication.Fully integrated client/server functionalities (since version 4.0)
can even be installed on laptops, for example if you need strong authentication on your laptops and you are not sure that you will have Internet access during the strong authentication process. This is possible and is now working with a native client/server support and the ability to have also automatic caching of tokens information of any users that have logged at lieast once on the laptop.SMS tokens and emergency scratch passwords (since version 4.0)
supports hardware and software tokens with different One-Time Password algorithms like OATH/HOTP, OATH/TOTP, mOTP (Mobile-OTP), SMS tokens or also emergency scratch passwords with 10 codes.MySQL support for the backend storage (since version 4.0)
The data storage of the command line utility is flat files based in order to simplify deployment in a few minutes, but MySQL is now also fully supported. multiOTP
can be easily integrated in free RADIUS servers like FreeRADIUS under Linux and Windows or TekRADIUS LT under Windows.
QRcode generation for ultra-simple provisioning (since version 4.0)multiOTP
is fully compatible with Google Authenticator which supports TOTP and HOTP, and this by simply using QRcode provisioning.
And a lot of new features to discover...
- Create the account in multiOTP: multiotp -fascreate user_test
- Create the corresponding QRcode: multiotp -qrcode user_test
- Flashing the QRcode in the smartphone
- Enjoy the power of multiOTP: multiotp -status -debug user_test xxxxxx (xxxxxx is the current code displayed by the Google Authenticator)
Don’t hesitate to contact us by sending an email to info
if you have suggestions, or comments.
If you want to use multiOTP
to log on your desktop, server or laptop with a strong authentication, have a look at MultiOneTimePassword Credential Provider, a great free product that works starting with Windows Vista.