On July 28th we released LinOTP 2.12 to the repositories.

LinOTP 2.12

arxes-tolina GmbH is pleased to announce the availability of the following product release:

LinOTP 2.12 brings many improvements, new features and bugfixes. The following list contains the most important changes. Please also refer to the complete changelog at the end of this newsletter.


  • Token usage datescan now optionally be tracked for newly enrolled tokens if activated
  • Challenge validity time is now configurable in the Manage-UI


LinOTP 2.12 is available as a Debian package from

Users of the LinOTP Smart Virtual Appliance will receive LinOTP 2.12 via the integrated auto-update mechanism.

We are happy to assist our support customers in upgrading their environment to the latest release. Please contact us at

The LinOTP team

arxes-tolina GmbH
Strong MFA solution by netgo
Branch office Darmstadt, Robert-Koch-Straße 9, 64331 Weiterstadt
Main office, Piesporter Straße 37, 13088 Berlin
Registerd Office: Amtsgericht Berlin-Charlottenburg, HRB 84278
Board of Directors: Dr. Peter Heilmann, Ralf Berndt, Sebastian Meyer

Sales Hotline: +49 6151 86086-277, Fax: -299

Changelog LinOTP 2.12

  • Server and UI: Add three new columns to the token table, they can be viewed under the admin/show endpoint, and in the Manage UI under TokenInfo. The system settings dialog in the Manage UI provides an option to enable and configure their visualisation
    • LinOtpCreationDate - contains the date of creation of the token
    • LinOtpLastAuthSuccess - last successful login with this token
    • LinOtpLastAuthMatch - last use of the token with several tokens and otppin is not PIN or the tokens have identical PIN
  • Server: Expired or wrong cookies in userservice requests will return a HTTP 401 (session abort) error
  • UI: Browser tab icons match the current LinOTP logo
  • UI: Browser tab titles start with the name of the web application, to make it easier to distinguish between Manage and Selfservice UI in small tabs
  • UI: Challenge validity time for SMS and email tokens can now be set via the Manage UI

  • Bug Fixes:
  • Server: Failed userservice 2nd factor logins increase the fail counter of the respective token
  • Server: Replication setups on the SVA no longer fail due to faulty userservice cookie handling