Second factor for Credential Provider
in order to plan a deployment, I’d like to have a clear vision about Windows PrivacyIDEA Credential Provider and the supported second factor in different use case and in a mid term roadmap perspective.
Unfortunately, I don’t have the chance to test all use cases. I hope the development team could help me.
As a small counterpart, I build a table to summarize the use cases
The legend of my table is
Done means done with the following versions
-
PrivacyIDEA server 3.7.1
-
PrivacyIDEA Authenticator 4.0.0
-
PrivacyIDEA Credentiel Provider 3.2.0
-
Windows 10/11 joined to a pure on prems AD (No Azure AD, no hybrid joined AAD)
-
a 2FA user experience is like
- Username + password + factor validated by PrivacyIDEA
-
a Passwordless user experience is like
- Username + factor validated by PrivacyIDEA
-
a Idless user experience is like
- factor validated by PrivacyIDEA
2FA mode | Passwordless | Idless | |
---|---|---|---|
PrivacyIdea Authenticator | Done | ||
Google/MS Authenticator | |||
SMS | |||
MailOTP | |||
Yubikey as certificate holder device | |||
Yubikey as HOTP | |||
Yubikey as U2F | |||
Yubikey as FIDO2 | |||
laptop with embedded fingerprint sensor |
Thanks for the community contribution to mention for each empty cell if it is
- Done
- Planned just indicate the target 2022Q3, 2022Q4, 2023Q1, …
- Not planned yet
- N/A when Not applicable