Your observation is right.
OwnCloud really sucks at the client side authentication, since it caches
passwords and does not use authentication tokens like OAuth or anything
else. You have the same problem with the desktop client, which will
result in locked tokens.
Fixing things in the backend (privacyidea) that are broken in the
frontend (owncloud) is the wrong approach.
However, you can assign a second token to the user, a simple pass token,
which only consists of the OTP PIN - i.e. a fixed password. Since this
is what this software which I also finally banned from my computers is
capable of handling.
This way you can use a SPASS token for the iOS app an true OTP for the
CorneliusAm Sonntag, den 31.01.2016, 06:57 -0800 schrieb Prism:
Hi, I just configured privacyidea HOTP for my owncloud setup (ubuntu,
mysql) and it works perfectly.
The issue arises when I try to run it off my owncloud for iOS app.
Because the HOTP 6 digit passcode is valid for single use, although I
can configure it on the iOS app, I cannot actually use it because it
expires when I refresh the content.
Is there a way of locking a passcode to a specific device so that the
passcode can be reused an unlimited number of times on that specific
Thanks for your help.
For professional services and consultancy regarding two factor
authentication please visit
In and enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to email@example.com.
To post to this group, send email to firstname.lastname@example.org.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.
+49 151 2960 1417
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)