Hardware Token Suggestions?

I have privacyIDEA up and running as the 2FA option for a VPN server. HOTP
tokens with smartphones (FreeOTP) are working great, but I have a few
users that I suspect will need and/or prefer a hardware token. I’ve looked
over the list in the privacyIDEA documentation of hardware tokens known to
work, but was wondering what experiences or recommendations folks in the
group here might have. I’m getting a quote for some SafeNet eToken PASS
units, but would love to hear about other types of tokens I should take a
look at.

ministeroftruth@gmail.com writes:

I’ve looked
over the list in the privacyIDEA documentation of hardware tokens known to
work, but was wondering what experiences or recommendations folks in the
group here might have.

I’m using Yubikey neo and Yubikey Edge tokens - and the work fine.
You’ll need to plan what you’ll use the two slots for - that took some
time for me to figure out, but it really depends on your needs/usecase.

I’m planning to have a look at the nitrokey, but I’ve not used one.

Jochen–
The only problem with troubleshooting is that the trouble shoots back.

Hi,
with my company NetKnights I not only consult in regards to integrating
privacyIDEA, not only provide service level agreements
https://netknights.it/en/leistungen/service-level-agreements/
but also provide consultancy for the right auth devices and finally
sell those.
https://netknights.it/en/produkte/oath-hotptotp/
So the question, which hardware devices you should use depends on may
different aspects.

I have good experiences with yubikeys, smartdisplayer OTP cards and
Feitian C200 tokens…

Kind regards
Cornelius

ministeroftruth@gmail.com:Am Freitag, den 23.09.2016, 08:48 -0700 schrieb

I have privacyIDEA up and running as the 2FA option for a VPN
server. HOTP tokens with smartphones (FreeOTP) are working great,
but I have a few users that I suspect will need and/or prefer a
hardware token. I’ve looked over the list in the privacyIDEA
documentation of hardware tokens known to work, but was wondering
what experiences or recommendations folks in the group here might
have. I’m getting a quote for some SafeNet eToken PASS units, but
would love to hear about other types of tokens I should take a look
at.

Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it,
send an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit https://groups.google.com/d/
msgid/privacyidea/08f5d1d8-d881-414d-bcfe-
1b9400d8c62a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

ministeroftruth@gmail.com writes:

I’ve looked
over the list in the privacyIDEA documentation of hardware tokens
known to
work, but was wondering what experiences or recommendations folks
in the
group here might have.
I’m using Yubikey neo and Yubikey Edge tokens - and the work fine.
You’ll need to plan what you’ll use the two slots for - that took
some
time for me to figure out, but it really depends on your
needs/usecase.

I’m planning to have a look at the nitrokey, but I’ve not used one.

Jochen

The interesting thing with the nitrokey is, that it is an open hardware
and firmware. It is a GnuPGP Smartcard.
It has I think 12 TOTP slots and 3 HOTP slots and a password safe.

But as far as HOTP/TOTP is concerned, the Yubikey has a better
usability. At the moment you need the trayicon to create a one time
password. Maybe they will add a button in the future.

I think privacyIDEA could start to manage PGP Keys and smartcards like
the Yubikey 4/Neo and the Nitrokey. Then these devices get even more
interesting.

Kind regards
CorneliusAm Freitag, den 23.09.2016, 19:47 +0200 schrieb Jochen Hein:


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)