The new RCDevs’ SpanKey solution is now ready for sale (http://www.rcdevs.com/store)! SpanKey is a client-server solution which provides seamless AD accounts’ integration into your Linux environments, SSH access without key distribution and user session recording. SpanKey is licensed per server and packages are sold on RCDevs’ webstore or by contacting RCDevs sales. A 50% discount is offered for OpenOTP customers.

Our SpanKey2 main features are:
– Super easy setup (1 minute on a blank Linux host)
– AD accounts in Linux (no more PAM-LDAP or Winbind)
– SSH access (with offlinecapabilities)
– Host access permissions with simple server tagging
– Support for shared accounts (conserving personal audit)
– Graphical session recording in an encrypted DB or NAS
– Automatic account creation and temporary accounts
– Optional multi-factor login with RCDevs Push
– User enrolment via self-services
– Automatic SSH key expiration and renewal via email/sms
– Support for Hardware PIV keys and smatcards.
– Supported on most Linus distributions

Our next release will includes:
– Full MFA support (with challenge response and Hardware Tokens)
– Idle session detection and unlocking with AD domain password
– Sudo replacement (with on-the-fly system owner(s) validation via mobile push)
– Session sharing for collaborative work.

With SpanKey companies can gain control on all SSH key based access, with just one central entitlement storage: the already existing AD/LDAP. Simple, transparent and hassle-free. For more information visit http://www.rcdevs.com/solutions/ssh-key-management/


RCDevs extended its solution portfolio with MFA-VPN, a small-to-medium-business VPN server appliance for OpenOTP. MFA-VPN is easy to setup and provides secure remote access for your Active Directory or LDAP users, with pre-included multi-factor features like mobile Push Login (One-Tap login) and Universal Second Factor (FIDO-U2F). 


As the first 2FA innovation vendor in the world, RCDevs now offers One Time Password login also for Windows, even for those logging in offline. No longer companies will need to fall short in compliance, failing to enable OTP for those without an internet connectivity. RCDevs’s unique Windows offline support in latest OpenOTP Credential Provider allows users login to Windows with OTP anywhere and at any time, providing superior all-encompassing 2FA solution for all Windows access.


RCDevs is proud announce that it has relocated its headquarters  to a more spacious office in Jazz residence in Belvaux, at the heart of the Luxembourg Science and Technology district.

Our new visiting address is:

1 avenue du Blues
L-4368 Belvaux
Luxembourg
 +352 26 17 61 21
 +33 (0)9 72 14 52 97

To see the Map: Contact-us

We look forward to welcoming you in our new office any time and trust that the new surroundings will contribute to our staff’s motivation to provide you with even better services.


Our latest product releases include a certificate authority service which can be used for accessing third-party applications and new Windows components for RDP and ADFS.

 As you may already know, WebADM includes a PKI subsystem which is designed for a stronger access to the administration portal and the self-services. The PKI is now enterprise-ready with the addition of the OCSP revocation check protocol; user certificates can also be used for s/mime email, PGP, Enterprise Wifi and secure access to web sites. With WebADM OCSP, third-party systems can validate the status of a user certificate on-demand, by calling the OCSP-compliant endpoint at https://yourserver/ocsp/. Please contact RCDevs support for more information.

Our credential provider for Windows Login now fully supports Microsoft Remote Desktop Gateway! If you run RD Gateway to publish Windows resources like applications or remote accesses, then you can enforce multi-factor authentication with any of the supported OpenOTP methods. Moreover, once you authenticate on the gateway, the backend service access will not prompt for the Windows username and password again. For a simplified user experience, only the OTP or One Tap Push validation is required.

Our plugin for Microsoft Active Directory Federation Services (ADFS) has been enhanced. It supports more concurrent users, more efficient OTP back-end server failover, login with OTP, U2F and One Tap Push validation. OpenOTP for ADFS provides MFA for Exchange, Sharepoint, RD Web Gateway and much more.


OpenOTP_Token_Mobile_AppRCDevs is proud to announce the release of its new mobile Token application (OpenOTP Token) which is now available on Android and IOS app stores. OpenOTP Token is designed for use with OpenOTP Server version >= 1.3.x which provides the support for additional user authentication methods relying on mobile push notifications.

RCDevs engineers have designed OpenOTP Token for the best user experience ever, with two additional operating modes: In the standard operating mode, the Token gets notified during the login process and displays the transaction details with the OTP code on the mobile screen. For more convenience, it can optionally speak the OTP code. Of course the spoken code cannot be spoofed and is usable for the ongoing user transaction only. Then comes the Simple-Push mode where the Token displays the transaction details and expects the user approval with a convenient one-tap action (with ‘Approve/Deny’).

Best of all, OpenOTP Token is far more secure than usual Software Authenticators. It supports secure storage (with keychain), biometric & PIN unlock, secure enrolment process where the Token seed is not limited to the generated QRCode anymore, as well as a unique phishing attack mitigation feature enforcing real-time validation of the user access location.

You need a registration to the RCDevs Push Service in order to use the push login features. RCDevs Push Service is free of charge and you can register your account here: http://www.rcdevs.com/solutions/pushreg/. For customers with an Enterprise license, the push service registration is pre-included and not needed at all.

You can get more information on how to implement OpenOTP login with push methods here: http://www.rcdevs.com/downloads/documents/OpenOTP+Authentication+Server/

Downloads:

android_logo_143x134

iphone_logo_143x134

 

 

 

 

 


Amazon_web_services_EC2You can now operate OpenOTP Community Server directly as an EC2 image at Amazon Web Services. You only need an AWS account from where you can start the image directly.

We’ve released a new Amazon Web Services image for you to try out. This is the equivalent of our appliance, but can be instantiated easily in AWS’ North Virginia region. If you have an AWS account, simply click on the link below and choose a t2.micro instance if you just intend to test it.

The image now includes LDProxy, our LDAP interface for authentication. After Appliance has booted, the system will automatically start the setup script, you can follow our Appliances documentation and directly jump to Chapter 3).

downloads/VMWare/VMWARE_Appliance.pdf/

AWS-launch-stack


OpenID-ConnectThe latest version of the RCDevs Identity Provider (ie. RCDevs OpenID product) supports both the OpenID-Connect v1.0 and OAuth2 SSO standards.

The RCDevs identity provider in the previous versions included OpenID v1.1 and v2.0 which is deprecated and has been replaced by OpenID-Connect.

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
For more information please contact RCDevs or go to the product page at http://www.rcdevs.com/products/openid-saml-identity-provider/.