Security has always been Nextcloud’s first priority, and we are always happy when people contribute in this area. Today, we are happy to present you privacyIDEA, a modular authentication system adding a security layer to your existing systems.
Before we explain what privacyIDEA is, let’s remind what 2-Factors-Authentication (2FA) is. When you log into a system, you usually use a password. This is necessary, but this is not super secure. Your password could be stolen, someone could reset it, it could be stored in an insecure place… 2FA tackles this issue by stating that in order to access a system, you must give two different pieces of information. First, something you know (your password). Second, something you have, whether it is a one-time code sent to one of your devices, a USB key (like Yubikey) or a token if you have lost your device. It could also be ‘something you are’ (like a fingerprint or retina scan). Key is: two different ‘factors’ are required to log in. Thus, if your password has been compromised, the attacker will not be able to access your account without this second factor of authentication. 2FA is a nice security layer to add to your authentication and plenty of companies use it to ensure the safety of their data.
2FA is not easy to manage in a company environment, though. For instance, Nextcloud implements a native 2FA feature, but companies might also need to define 2FA rules for certain employees or certain apps and they may want to use it for different layers (VPN, firewall) or applications (WordPress, CRM etcetera). It would be easier to have one 2FA system for all systems, rather than a separate second factor for each. And instead of letting employees defining rules of their own (or not using 2FA at all), companies want to centrally manage two factors and their restrictions and rules. This is where privacyIDEA comes in.
PrivacyIDEA is an open source solution enabling central management of 2FA. It can identify users from multiple sources (LDAP, Active Directory and many more protocols) and manage their second factor of authentication. Administrators define rules and circumstances under which a user needs to log in with a second factor in a central way. Of course, everything runs inside the company, limiting the risk of data exposure and security breach.
The good news is that privacyIDEA works perfectly fine with Nextcloud! If you run a Nextcloud for your family or friends, the native 2FA should be sufficient. But it you run a bigger group with a need for permissions and central management, you should definitely give it a try. Learn more about privacyIDEA in Nextcloud in this video!
Presentamos Nextcloud Talk «Munich», una plataforma de comunicación de código abierto que ofrece una respuesta contundente a las nubes de Big Tech y es digitalmente soberana para equipos híbridos. Ahora es aún más resistente, potente y fácil de poner en marcha. Más información.
Ver más
Bienvenido a Nextcloud Hub 10. Nuestra última versión viene con un rendimiento reforzado en todas las aplicaciones, una integración más profunda en toda la plataforma y docenas de nuevas funciones que te facilitarán el día a día.
Ver más
Nextcloud announces new partnership with Thinkfree Office, a self-hosted office suite developed in South Korea, which is known for its ease of use. This collaboration is all about giving you more options, greater control, and a better user experience.
Ver más
Europe’s Digital Markets Act is a breakthrough, but only if enforced. Here’s why delay empowers Big Tech and threatens digital sovereignty.
Ver más
Discover the Microsoft 365 alternative by Nextcloud and IONOS: the Nextcloud Workspace office suite, launching in the course of 2025.
Ver más
