On August 15th we released LinOTP 2.9 to the repositories.

LinOTP 2.9

LSE Leading Security Experts GmbH is pleased to announce the availability of LinOTP 2.9.

LinOTP 2.9 is one of our biggest releases with over 500 commits. Introducing many improvements, small features, cleanups and fixed bugs. The highlights are the preparation for the offline authentication, utilizing our new QRToken, the new Reporting API and the extended SMS and E-Mail Provider configuration.


  • New Feature: Offline Authentication

LinOTP 2.9 introduces the next generation of our QR-Code based soft token, which will be complemented by the releases of our LinOTP Authentication Providers for operating system Microsoft Windows and LinOTP mobile apps in the next weeks to allow for an integrated and secure Offline Authentication with high usability in addition to the traditional secure, transaction based authentication.

  • New Feature: Reporting API

To allow for integration into reporting environments and to simplify the accounting in multi-tenant environments LinOTP provides a new powerful reporting API to collect information like the number of current active tokens and the highest number of tokens over time for certain realms.

  • New Feature: Realm specific SMS Providers

LinOTP 2.9 supports the management of multiple SMS and e-mail providers. These providers allow to specify SMS or e-mail settings for different customers, realms or users in a diverse LinOTP environment.


LinOTP 2.9 is available as Debian and RPM packages from Ubuntu packages are available from our PPA on Launchpad. Users of the LSE LinOTP Smart Virtual Appliance will receive LinOTP 2.9 via the integrated auto-update mechanism after August 16th 2016.

The LSE team would be pleased to answer any questions you may have about LinOTP and assist upgrading your environment to the latest release at

The KeyIdentity LinOTP team

KeyIdentity GmbH
Robert-Koch-Stra├če 9, 64331 Weiterstadt

Sales Hotline: +49 6151 86086-277, Fax: -299
Registered Office: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Board of Directors: Nils Manegold, Dr. Amir Alsbih

Changelog LinOTP 2.9

  • Server: Add support for offline authentication
  • Server: Add QRToken
  • Server: Add forwarding token
  • Server: Add reporting controller
  • Server: Add support for multiple SMS/e-mail providers
  • Server: Add support for long config values
  • Server: Add issuer label to OATH tokens
  • Server: Allow one-time simplepass tokens
  • Server: Allow multiple users with same username in one realm
  • Server: Support migration of resolvers for assigned tokens
  • Server: Add authorization policies for monitoring controller
  • Server: Allow named otppin policies ('token_pin', 'password' and 'only_otp')
  • Server: Add SSL/TLS abilities to SMTPSMSProvider
  • UserIDResolver: Add class registry and class aliases
  • WebUI: Slightly polished look and feel
Bug Fixes
  • WebUI: Hide 'Get OTP' button if getotp is deactivated in config
  • WebUI: Several bug fixes in different dialogs and elements
  • Server: Fix generating transactionids which failed in rare circumstances
  • Server: Handle timestamp rounding instead of truncating in MySQL 5.6
  • Server: Do not copy old PIN on lost simplepass token
  • Packaging: Remove debconf entry 'linotp/generate_enckey'
  • WebUI: Validate resolver configuration on resolver definition
  • WebUI: Alert in realm dialog if no resolvers are selected