Amazon. Wants a passkey. Set a passkey.
Go to sign in
Wants email - ok
Wants fingerprint (Macbook Air here) - ok
and now it wants my 2FA

I REALLY do not get why passkeys are ‘the thing’.

#passkey #security #twofactor #2FA

MakeUseOf: This free app turns any USB into a PC security key. “Personally, I prefer using a YubiKey security key to secure my login accounts. However, if you don’t want to splurge on a dedicated hardware key, you can turn your humble USB flash drive into a security key using USB Raptor.”

https://rbfirehose.com/2025/10/19/makeuseof-this-free-app-turns-any-usb-into-a-pc-security-key/

Sandia Lab: Two-factor authentication just got easier. “Researchers at Sandia have announced a more efficient way to generate and send temporary security codes. Unlike conventional methods, the new technique does not depend on the time, which could help secure small and remote network-connected devices, including drones, remote sensors, agricultural equipment and industrial control systems.”

https://rbfirehose.com/2025/07/29/sandia-lab-two-factor-authentication-just-got-easier/

Maybe it's female of me to realise that you can't always control whether you have any devices (let alone USB keys) on your person, or indeed what your face looks. #twoFactor is OK for sophisticated matters of business, but it can't be mandatory for essentials eg proving nationality, accessing email.

I have ALWAYS thought #twoFactor created personal vulnerabilities, particularly but not exclusively when travelling abroad. I (stupidly) hadn't thought about how it facilitates autocratic policies such as ethnic cleansing. #technologyEthics #cybersecurity #civilliberties bsky.app/profile/j2br...

RE: https://bsky.app/profile/did:plc:ic4mplmy2blzwvurli4htcim/post/3ltxpce2dczw2

"His mobile phone, which is required for the two-step authentication process to verify his identity cards, is held by police."

I have ALWAYS thought #twoFactor created personal vulnerabilities, particularly but not exclusively when travelling abroad. I (stupidly) hadn't thought about how it facilitates autocratic policies such as ethnic cleansing. Much like #AISurveillance.

#giftArticle in previous toot.

#technologyEthics #cybersecurity #civilliberties

nearlyfreespeech.net is such a great domain service provider.

Adamantine Plate armor equipped!

#twofactor #nearlyfreespeech #domainregistration

This is what innovation can do!

#AirGapped #Offline #PKI #PrivateKeys #TwoFactor- #2FA #Yubico #Yubikey

======

Vincent Bernat Turns Three YubiKeys and a Cheap Single-Board Computer Into a Secure Offline PKI
https://www.hackster.io/news/vincent-bernat-turns-three-yubikeys-and-a-cheap-single-board-computer-into-a-secure-offline-pki-1735b4ad7fc2

---
Developer Vincent Bernat demonstrates how to turn three Yubico YubiKey USB two-factor authentication dongles into an offline public key infrastructure (PKI) using a low-cost single-board computer as an air-gapped host.

I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

#Canada #GCKey #CanadaPost #TwoFactor

Ich wollte mich heute im Google Browser am Laptop anmelden und sollte die 2 Faktor Authentfizierung im Auto bestätigen (Android Automotive mit Google Chrome) :D #androidautomotive #twofactor #it

I believe it's time to modify Laravel's Authentication flow for a two-step scenario.

It's very difficult to make 2FA unless you deal with a middleware that checks 2FA on EVERY REQUEST, instead of just at the login flow.

#PHP #Laravel #Authentication #Security #2FA #TwoFactorAuthentication #TwoFactor #Auth #Programming #SoftwareDevelopment #WebDevelopment #WebDev

Have you ADDED 2FA to your website? Have you added 2FA to your hosting providers? Have you added 2FA to your keyvault in Azure?

I have.

Maybe you should even if you aren't an enterprise. #2fa #twofactor #cybersecurity

The #Security illusion: Why #TwoFactor #Authentication is No Longer Enough
https://mawgoud.medium.com/the-security-illusion-why-two-factor-authentication-is-no-longer-enough-5985f50d78d5

If I want to migrate away from #Authy, which iOS App would I use these days?

I only need an iOS app. It should sync via iCloud without the need for other external accounts or servers. If I could export the data for the case I want to migrate again, that would be perfect.

No Chrome plugin, no desktop app. Nothing that saves my passwords together with ny #2FA codes. That would be absurd.

Is 2FAS okay? It seems like it's pretty much the best choice currently.

#TwoFactor #Security #iOS #AskFedi

WordPress > Secure your account on wp.org

Here is a good post about how to secure your account on wp.org with an additional security factor:

Setup Two-Factor authentication on wordPress.org
https://make.wordpress.org/meta/2023/09/26/set-up-two-factor-authentication-wordpress-org/

Just generated a passkey, set up a two-facor app and saved some backup codes. Only takes a few minutes and gives piece of mind.

(Especially recommended for theme and plugin authors 😉)

#WordPress #Login #Security #TFA #TwoFactor

First in the session came Murali et al.'s "Continuous Authentication Using Human-Induced Electric Potential", presenting a novel #twofactor #authentication using human-induced electric potential captured by wearables in contact with the user's body. (https://www.acsac.org/2023/program/final/s168.html) 2/5

Me arrepiento de usar Authy de Twilio para gestionar la autenticación de doble factor. No solo porque ya no dan soporte en Linux, sino que además no te da la opción de exportar las claves para irte a otro software.
Al final lo he conseguido usando un script creado por un héroe sin capa.
Lección que estaréis cansados de escuchar: no usar software libre sale caro.
#TwoFactor #twilio

New Ente Auth desktop 2FA app released:
https://alternativeto.net/news/2024/4/ente-releases-desktop-version-ente-auth-s-open-source-2fa-authenticator-app/

FFmpeg 7.0 released with Dolby Vision profile 10 support in AV1, HEIF/AVIF support, D3D12VA hardware accelerated H264, HEVC, VP9, AV1, MPEG-2 and VC1 decoding etc.:
https://9to5linux.com/ffmpeg-7-0-dijkstra-released-with-important-aarch64-optimizations-for-hevc

Kodi 21.0 released with FFmpeg 6.0, NFSv4, AVIF image support, support for reading/writing M3U8 playlists etc.:
https://9to5linux.com/kodi-21-0-omega-open-source-media-center-is-here-with-major-changes

4/4

#WeeklyNews #FOSS #OpenSource #Ente #2FA #FFmpeg #Kodi #MediaServer #TOTP #TwoFactor #FosseryTech

Ревизия аккаунтов потихоньку доходит до аккаунтов, которыми я не пользовался уже много лет. Смотрю, как сайты изменились.

#DeviantArt позволяет "деактивировать" аккаунт. На странице показывает плачущего робота ( :blobcatwut: ) и подробно перечисляет последствия "деактивации".

Задумался.
Гуляя по аккаунту, набрёл на вкладку Authentication, где встретил прямо-таки золото: двухфакторный вход доступен только по платной подписке. :blobcatheadache:

Я бы понял, если бы они отправляли SMS; но описание прямо там же утверждает, что код надо будет вводить из генератора — т. е. там банальный #TOTP, кроме разовых расходов на разработку эта фича ничего не расходует. :blobcatbolb:

Ну ладно. (Отключил аккаунт.)

#security #2fa #TwoFactor

A Pain-Free Way to Secure All Your Online Accounts

two-factor authentication—aka 2FA—is a time-sensitive code sent to you via text or generated by an app when you’re logging in somewhere.

An emerging technology called passkeys conveniently replaces both passwords and 2FA codes, but it’s only supported on a small number of sites. Until they’re ubiquitous, we’re stuck with pesky codes.

#password #passwords #2FA #twofactor #passkeys #security #cybersecurity #verification

https://www.wsj.com/tech/personal-tech/a-pain-free-way-to-secure-all-your-online-accounts-527cdecb