Release Notes: This release supports hardware cryptography with YubiHSM from Yubico. HSMs are used for token seed generation, SMS/mail passwords and OCRA challenges, and token secret storage (AES-256-CBC mode). Server-side concatenated passwords are now supported for simpler integrations in non-challenged mode. The update also includes a lot of other features and some fixes.
Release Notes: This release contains many fixes and new features. It supports expired passwords detection, SafeNet Tokens, additional APIs, OTP PIN codes, Token import via serial numbers, and more.
Release Notes: This major release includes several important new features, including support for multiple Tokens per user, new OTP fallback methods, a new simpleLogin API, and a new RadiusBridge.
Release Notes: This release adds support for geolocalization and IP location-based policies, adds a new XML-RPC API, improves logging, and fixes OCRA Tokens.
Release Notes: SMSOTP and MailOTP support for sending OTPs to several numbers/addresses per-user. MailOTP subject can be customized. The user blocking management was enhanced. Blocking alerts were added. An HOTP resync problem was fixed. A PSKC export problem was fixed. New requests are optionally allowed when a session is already started after a delay of 5 seconds (the existing session is dropped the and user does not have to wait for the challenge timeout). A 'Service Name' setting was added for customizing the Google Authenticator display name. A Manager function was added for checking user blocking status.
Release Notes: This version is fully compliant with WebADM 1.2 and supports the new WebADM Manager Interface. A JSON-RPC interface was added for the OpenOTP authentication API. SMS OTP supports concatenated SMS for messages longer than 140 chars. A HOTP manual resync issue was fixed. New requests are now allowed when a session exists after a delay of 10 seconds. The existing session is dropped and the user does not have to wait for the challenge timeout to expire.
Release Notes: A JSON Web API was added. SMTP support was added. A WSDL namespace issue when imported in VisualStudio .NET was corrected. TOKEN, LIST, and LASTOTP fallback methods are now allowed with any OTPType. The fallback is automatically disabled if the user data are missing. SMS and Mail OTP support prefetched delivery mode (next OTP is send after authentication). LASTOTP has an expiration time. Major code rewrites, optimizations, and OTP fallback changes were made.
Release Notes: An OCRA problem with numeric challenges was fixed. An action to unblock accounts was added. A Password Swap feature was added for simpler RADIUS and PAM support. An Emergency OTP password feature was added: you can set a temporary OTP for users who cannot use their usual OTP and need access. An action to unregister a user token was added. SMS/Mail OTP fallback system has been enhanced: with TOKEN and LIST fallback modes, OpenOTP accepts both SMS/Mail and fallback OTPs. The LastOTP metadata stores an OTP hash instead of the OTP value. A PSKC import problem with OCRA Tokens was fixed.
Release Notes: RADIUS proxy functionality was added to ease migration to OpenOTP from another solution. A problem with the PSKC import tool (bin/pskc) was fixed. Internal code enhancements were made and error handling was improved. SHA256 and SHA512 key registration support was added for TOTP/OCRA Tokens. The PSKC import tools were rewritten to comly with IETF RFC-6030. PSKC export was added to backup user Token information. Client policies support was added for Trust domains.
Release Notes: OTP Password List support was added. Minor text export problems for PSKC and OTP List were fixed. The setting list was rearranged for better visibility. -FALLBACK was added in the challenge message in fallback mode. This version is completely free for 25 users.