Supported second factor for Credential Provider

Second factor for Credential Provider

in order to plan a deployment, I’d like to have a clear vision about Windows PrivacyIDEA Credential Provider and the supported second factor in different use case and in a mid term roadmap perspective.

Unfortunately, I don’t have the chance to test all use cases. I hope the development team could help me.

As a small counterpart, I build a table to summarize the use cases

The legend of my table is

Done means done with the following versions

  • PrivacyIDEA server 3.7.1

  • PrivacyIDEA Authenticator 4.0.0

  • PrivacyIDEA Credentiel Provider 3.2.0

  • Windows 10/11 joined to a pure on prems AD (No Azure AD, no hybrid joined AAD)

  • a 2FA user experience is like

    • Username + password + factor validated by PrivacyIDEA
  • a Passwordless user experience is like

    • Username + factor validated by PrivacyIDEA
  • a Idless user experience is like

    • factor validated by PrivacyIDEA
2FA mode Passwordless Idless
PrivacyIdea Authenticator Done
Google/MS Authenticator
Yubikey as certificate holder device
Yubikey as HOTP
Yubikey as U2F
Yubikey as FIDO2
laptop with embedded fingerprint sensor

Thanks for the community contribution to mention for each empty cell if it is

  • Done
  • Planned just indicate the target 2022Q3, 2022Q4, 2023Q1, …
  • Not planned yet
  • N/A when Not applicable