privacyIDEA is a modular solution for two factor authentication especially with OTP tokens. It is multi-tenency- and multi-instance-capable. Due to the modular structure privacyIDEA can be quickly and easily adapted and enhanced. E.g. adding new token types is as simple as writing a new lean python module. You do not need to modify your network for privacyIDEA, it does not write to existing databases or user stores. It only needs read access to your user stores like LDAP, Active Directory, SQL, SCIM-service or flat files. Existing workflows can be enhanced without the need to modify them. Using its simple REST like API it can be automated and smoothly be integrated. The Smartphone App "privacyIDEA Authenticator" turns your smartphone into an authentication device, which smoothlessly runs with the privacyIDEA backend. In contrast to classical smartphone based tokens the privacyIDEA Authenticator also allows for a more secure rollout process.