![\"privacyIDEA1\"](\"https:\/\/blog.shade.sh\/wp-content\/uploads\/2015\/12\/privacyIDEA1.png\")
Have you ever searched for a good, secure, not complex, customizable and cheap 2nd factor implementation?<\/p>\nHave you ever searched for a good, secure, not complex, customizable and cheap 2nd factor implementation?<\/p>\n
Stop searching!<\/p>\n
PrivacyIDEA<\/a> is one of the candidates i searched for a long long time… i already dealt with RSA, Kobil, Stonesoft, GoogleAuth (own build solution) and much more. I can now say, this is the most perfect solution for all your 2nd factor authentication needs. The most important part is, its OpenSource and everybody can check if there is some bug or backdoor and (!) its perfectly customizable!<\/p>\n It has all the plugins for Apps that you already love to use and already use in your daily work. FreeRadius, PAM, Nginx, Apache2, OpenVPN, Typo3 and much more!<\/p>\n It can be used with a lot of authentication mechanism, TOTP (Software or Hardware based), HOTP (Software or Hardware based), Email, Yubikey, and much much more!\u00a0The interesting part is, you can also use your existing LDAP server (Microsoft, OpenLDAP and simliar) or local flat file (Linux Passwd) to map users to your 2nd factor tokens.<\/p>\n I used it with TOTP Software or Feitian Token in a MySQL Master-Master Active\/Active setup with FreeRadius to authenticate users (Very large userbase!) for VPN on our Cisco ASA. It works as expected and so far without a single problem.<\/p>\n