Current Release: v4.2.4.2
Release Date: 2014-04-13
 Download

Current beta version:
Download

Innovation award


  • Don't miss it : Tuesday 4. November 2014, workshop in Yverdon-les-Bains (Switzerland)


    During the 5th edition of the Application Security Forum Western Switzerland, a workshop will be given Tuesday the 4. November 2014. You are welcome from 8h00 for the breakfast, workshop is from 9h00-12h30, 12h30-13h30 lunch, 13h30-17h00 workshop, followed by a drink with other participants.

    We will learn how strong two factor authentication work, and we will create a fully functional open source strong two factors authentication OATH certified RADIUS device from scratch, using the latest version of the open source library called multiOTP (including a full featured GUI web interface), installed on a $35 Raspberry Pi nano-computer which will run under Raspbian (the Debian distribution for the Raspberry Pi). The device will be able to support more than 100 users.

    Don’t worry, the hardware is Plug and Play, no need to solder anything!

    Target audience:

     - Anybody interested about strong two factors authentication
     - Knowing some Linux console commands could help, but is not mandatory
     - No programming knowledge (but if you want to go deeper, the multiOTP library is written in PHP)


    You will have to bring:

     - a laptop (Windows, Linux, Mac OS X, etc.) with a wired network card
     - a smartphone (Android, iOS, BlackBerry) if you want to generate soft tokens


    Hardware included in the training price:

     - a Raspberry Pi B+ nano-computer (http://www.raspberrypi.org) in a case
     - a microSD card (which will be the storage device)
     - a real-time clock module (so the device can work even without an Internet connection)
     - a micro USB power supply
     - a YubiKey NEO hardware token with USB and NFC interfaces (http://goo.gl/jnYBFt) provided by Yubico


    Price:

     - 700.- CHF for entreprises
     - 525.- CHF for people coming from this page (special discount code : multiotp-promo)
     - 350.- CHF for students (discount code : student-t1)


    Registration

    Registration is done online using Eventbrite by clicking here.


    The official workshop description is available by clicking here.





  • NEW 4.2.4.2 VERSION OF 2014-04-13
    multiOTP
    is a PHP class and a powerful command line utility OATH certified developed by SysCo systèmes de communication sa in order to provide a completely free and easy operating system independent server side implementation for strong two factors authentication solution.

    Nowadays, spywares, viruses and other hacking technologies (including bugs exploitation like Heartbleed) are regularly stolen passwords typed by the user.
    By using a strong two factors authentication solution, the stolen passwords cannot be stored and used later anymore because each password (called OTP for One-Time Password) is only valid for one authentication and will failed if used a second time.

    Tokens CSV import (NEW in version 4.2.4.1)
    It's now possible to put your old hardware tokens definition in a CSV file and to import it directly into multiOTP.

    NT_KEY generation (NEW in version 4.2.4.1)
    NT_KEY is now generated by multiOTP and displayed for further handling by FreeRADIUS.

    Lot of new QA tests (NEW in version 4.2.4.0)
    More than 60 different tests (for the library and the command line) are integrated with multiOTP.

    Better MySQL(i) support (NEW in version 4.2.4.0)
    MySQL support has been improved in multiOTP and the mysqli library support is also supported.

    Active Directory (or LDAP) integration (since version 4.2.2)
    multiOTP
    can create strong authentication accounts automatically for users that are present in a specific group of the Active Directory (or the LDAP) of the company.

    Enhanced integrated web interface (since version 4.2.2)
    multiOTP
    provides now a web interface in order to import hardware tokens, create accounts, synchronize tokens or unlock accounts.

    MS-CHAP and MS-CHAPv2 support (since version 4.2)
    multiOTP
    supports now MS-CHAP and MS-CHAPv2 encrypted authentication requests.

    Tokens resynchronisation without prefix code (since version 4.2)
    multiOTP
    doesn't need anymore the prefix code in order to resynchronise hardware tokens.

    OATH certified (since version 4.1)
    multiOTP is now OATH certified for HOTP/TOTP and is compatible with any token that is also certified. PSKC encrytped files are supported.

    Rasperry Pi nano-computer supported (since version 4.1)
    multiOTP provides all necessary files in order to create your own strong authentication device using a Raspberry Pi.

    Self-registration and automaic resynchronisation (since version 4.1)
    multiOTP offers the user the possibility to self-register his hardware token. It is also possible to resynchronize a token during the authentication.

    Fully integrated client/server functionalities (since version 4.0)
    multiOTP can even be installed on laptops, for example if you need strong authentication on your laptops and you are not sure that you will have Internet access during the strong authentication process. This is possible and is now working with a native client/server support and the ability to have also automatic caching of tokens information of any users that have logged at lieast once on the laptop.

    SMS tokens and emergency scratch passwords (since version 4.0)
    multiOTP supports hardware and software tokens with different One-Time Password algorithms like OATH/HOTP, OATH/TOTP, mOTP (Mobile-OTP), SMS tokens or also emergency scratch passwords with 10 codes.

    MySQL support for the backend storage (since version 4.0)
    The data storage of the command line utility is flat files based in order to simplify deployment in a few minutes, but MySQL is now also fully supported. multiOTP can be easily integrated in free RADIUS servers like FreeRADIUS under Linux and Windows or TekRADIUS LT under Windows.

    QRcode generation for ultra-simple provisioning (since version 4.0)
    multiOTP is fully compatible with Google Authenticator which supports TOTP and HOTP, and this by simply using QRcode provisioning.

    And a lot of new features to discover...

    Example:
    - Create the account in multiOTP: multiotp -fascreate user_test
    - Create the corresponding QRcode: multiotp -qrcode user_test
    - Flashing the QRcode in the smartphone
    - Enjoy the power of multiOTP: multiotp -status -debug user_test xxxxxx (xxxxxx is the current code displayed by the Google Authenticator)

    Don’t hesitate to contact us by sending an email to info[AT]multiOTP[DOT]net if you have suggestions, or comments.



    If you want to use multiOTP to log on your desktop, server or laptop with a strong authentication, have a look at MultiOneTimePassword Credential Provider, a great free product that works starting with Windows Vista.