nearlyfreespeech.net is such a great domain service provider.

Adamantine Plate armor equipped!

#twofactor #nearlyfreespeech #domainregistration

This is what innovation can do!

#AirGapped #Offline #PKI #PrivateKeys #TwoFactor- #2FA #Yubico #Yubikey

======

Vincent Bernat Turns Three YubiKeys and a Cheap Single-Board Computer Into a Secure Offline PKI
https://www.hackster.io/news/vincent-bernat-turns-three-yubikeys-and-a-cheap-single-board-computer-into-a-secure-offline-pki-1735b4ad7fc2

---
Developer Vincent Bernat demonstrates how to turn three Yubico YubiKey USB two-factor authentication dongles into an offline public key infrastructure (PKI) using a low-cost single-board computer as an air-gapped host.

I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

#Canada #GCKey #CanadaPost #TwoFactor

Ich wollte mich heute im Google Browser am Laptop anmelden und sollte die 2 Faktor Authentfizierung im Auto bestätigen (Android Automotive mit Google Chrome) :D #androidautomotive #twofactor #it

I believe it's time to modify Laravel's Authentication flow for a two-step scenario.

It's very difficult to make 2FA unless you deal with a middleware that checks 2FA on EVERY REQUEST, instead of just at the login flow.

#PHP #Laravel #Authentication #Security #2FA #TwoFactorAuthentication #TwoFactor #Auth #Programming #SoftwareDevelopment #WebDevelopment #WebDev

Have you ADDED 2FA to your website? Have you added 2FA to your hosting providers? Have you added 2FA to your keyvault in Azure?

I have.

Maybe you should even if you aren't an enterprise. #2fa #twofactor #cybersecurity

The #Security illusion: Why #TwoFactor #Authentication is No Longer Enough
https://mawgoud.medium.com/the-security-illusion-why-two-factor-authentication-is-no-longer-enough-5985f50d78d5

If I want to migrate away from #Authy, which iOS App would I use these days?

I only need an iOS app. It should sync via iCloud without the need for other external accounts or servers. If I could export the data for the case I want to migrate again, that would be perfect.

No Chrome plugin, no desktop app. Nothing that saves my passwords together with ny #2FA codes. That would be absurd.

Is 2FAS okay? It seems like it's pretty much the best choice currently.

#TwoFactor #Security #iOS #AskFedi

WordPress > Secure your account on wp.org

Here is a good post about how to secure your account on wp.org with an additional security factor:

Setup Two-Factor authentication on wordPress.org
https://make.wordpress.org/meta/2023/09/26/set-up-two-factor-authentication-wordpress-org/

Just generated a passkey, set up a two-facor app and saved some backup codes. Only takes a few minutes and gives piece of mind.

(Especially recommended for theme and plugin authors 😉)

#WordPress #Login #Security #TFA #TwoFactor

First in the session came Murali et al.'s "Continuous Authentication Using Human-Induced Electric Potential", presenting a novel #twofactor #authentication using human-induced electric potential captured by wearables in contact with the user's body. (https://www.acsac.org/2023/program/final/s168.html) 2/5

Me arrepiento de usar Authy de Twilio para gestionar la autenticación de doble factor. No solo porque ya no dan soporte en Linux, sino que además no te da la opción de exportar las claves para irte a otro software.
Al final lo he conseguido usando un script creado por un héroe sin capa.
Lección que estaréis cansados de escuchar: no usar software libre sale caro.
#TwoFactor #twilio

New Ente Auth desktop 2FA app released:
https://alternativeto.net/news/2024/4/ente-releases-desktop-version-ente-auth-s-open-source-2fa-authenticator-app/

FFmpeg 7.0 released with Dolby Vision profile 10 support in AV1, HEIF/AVIF support, D3D12VA hardware accelerated H264, HEVC, VP9, AV1, MPEG-2 and VC1 decoding etc.:
https://9to5linux.com/ffmpeg-7-0-dijkstra-released-with-important-aarch64-optimizations-for-hevc

Kodi 21.0 released with FFmpeg 6.0, NFSv4, AVIF image support, support for reading/writing M3U8 playlists etc.:
https://9to5linux.com/kodi-21-0-omega-open-source-media-center-is-here-with-major-changes

4/4

#WeeklyNews #FOSS #OpenSource #Ente #2FA #FFmpeg #Kodi #MediaServer #TOTP #TwoFactor #FosseryTech

Ревизия аккаунтов потихоньку доходит до аккаунтов, которыми я не пользовался уже много лет. Смотрю, как сайты изменились.

#DeviantArt позволяет "деактивировать" аккаунт. На странице показывает плачущего робота ( :blobcatwut: ) и подробно перечисляет последствия "деактивации".

Задумался.
Гуляя по аккаунту, набрёл на вкладку Authentication, где встретил прямо-таки золото: двухфакторный вход доступен только по платной подписке. :blobcatheadache:

Я бы понял, если бы они отправляли SMS; но описание прямо там же утверждает, что код надо будет вводить из генератора — т. е. там банальный #TOTP, кроме разовых расходов на разработку эта фича ничего не расходует. :blobcatbolb:

Ну ладно. (Отключил аккаунт.)

#security #2fa #TwoFactor

A Pain-Free Way to Secure All Your Online Accounts

two-factor authentication—aka 2FA—is a time-sensitive code sent to you via text or generated by an app when you’re logging in somewhere.

An emerging technology called passkeys conveniently replaces both passwords and 2FA codes, but it’s only supported on a small number of sites. Until they’re ubiquitous, we’re stuck with pesky codes.

#password #passwords #2FA #twofactor #passkeys #security #cybersecurity #verification

https://www.wsj.com/tech/personal-tech/a-pain-free-way-to-secure-all-your-online-accounts-527cdecb

Why does #Sharkey / #Misskey need an "authenticator app" registered before you can use a hardware key? That doesn't make sense #security wise.

Yeah I know it's to prevent people from just accidentally getting locked out of their accounts, but there should be an option for #FediAdmins to allow this risk. 🤔

#2FA #yubikey #hardwarekey #cybersecurity #twofactor #twofactorauth #twofactorauthentication

As so many people gather with families and friends, make a plan for yourself to set everyone up with real Two-Factor Authentication, at least on their primary email

Give the gift of resilience

https://ssd.eff.org/module/how-enable-two-factor-authentication

#2FA #TwoFactor #infosec

Dropbox Users. If you have Dropbox and have 2 factor turned on, just a warning, if you ever lose access to the email that is associated with Dropbox, then you could lose all access to your files. The reason is because Dropbox uses your email to send you the 2 factor code to enter. This has happened to my friend. Dropbox does set up 10 emergency 2 factor codes that will always work that you can write down and keep. The thing is that most people do not know about these codes. To access and write down your codes, go to the Dropbox website and log in, go to settings, then go to security. In there you will find your personal 2 factor codes that you can use each one one time in case of an emergency. And please do not store these codes in your Dropbox, because if you can not access your Dropbox, then you will not be able to access these codes! Store them somewhere safe outside of Dropbox so you can easily access them if needed. #Dropbox #TwoFactor #Codes #Website #security

https://www.schneier.com/blog/archives/2005/02/the_curse_of_th.html

This was written nearly 20 years ago… yet today… I see examples of this "wish it were two factor" all over the place.

One being the leave booking system my workplace now uses (Oracle NetSuite).

You want to do two-factor, fine, let's do it *properly*. FIDO2 WebAuthN.

Want to pretend? Don't bother! (And people why I want to leave the IT sector?)

#InfoSec #TwoFactor #rant

#TwoFactor #Authentication Apps: Mistakes To #Malware
https://hackaday.com/2023/05/17/two-factor-authentication-apps-mistakes-to-malware/