[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] 2FA
- To: "RODRIGUEZ, Dom (Dev) via list" <list@xxxxxxxxxxxxx>
- Subject: Re: [LUG] 2FA
- From: Henry Bremridge <henry.bremridge@xxxxxxxxx>
- Date: Thu, 4 Jun 2020 13:43:40 +0100
- Content-disposition: inline
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1586423162; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:In-Reply-To:MIME-Version:References:Message-ID:To:From:Date: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=zx0L06LTzVy+yWae8dg1Ty66uHgYYTodl3mDUfDFgpM=; b=EfrHy4aCvN8vhZ5ONj5m49FTYF iuCKQvm3GU9QIzo9Swt8YXGivAYnpE0fRcsUvo/PD7XJoaSqJ1T27/1MFFm9R7fOWRjySTfb21ABE OYbVAPVKkvs1ILvRJE3gkfDvN2ep1jiN/6vY8ku2wbn5HgH4XgJmtDZxjIl3cYLEDAH4=;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mxes.net; s=mta; t=1591274623; bh=fuv7upEdU81IdjWfTb6/MkYUSqq9s9nP67FEIMURWj0=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=kGuqUQ4COFMx80DJrQRwpQo6LZ/tpKkQs0IUA7UiRmm/fnS5zbGq4X6NTxcVSi4nd DHopj8PAOckSvAZ3aGhfhvznRI/udNWLdKd5ih65qbCeaO8Upu+tIysNxwPRo1w0GR Kd/A+9RQx8XANvIRVyPp+v+/M4wMz61DepWGpQlc=
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=xobie.com; s=henry-201902-xobie; t=1591274622; bh=fuv7upEdU81IdjWfTb6/MkYUSqq9s9nP67FEIMURWj0=; h=Date:From:To:Subject:References:In-Reply-To:From; b=D7mg1kMZ1YN/wxrksew/dsC8h6EIGyyFyCw68jI4c3mbvb6gTcYeRbFzI/57ivgNL kCSF+W5LVr6ATCXNLFNtFVgFvrA+mU18cKirISKIRJydFXiA+/C4Cf/eSbBKgim7jM Pv01oDhALlp+Muc3gnzLLpaGP7Ol21/w7wempF1M=
- Mail-followup-to: "RODRIGUEZ, Dom (Dev) via list" <list@xxxxxxxxxxxxx>
On Thu, Jun 04, 2020 at 01:26:14PM +0100, RODRIGUEZ, Dom (Dev) via list wrote:
> I would recommend reading into 2FA in depth.
>
> What sort of things are you looking to protect with 2FA? AD?
>
> I have a SoloKey (U2F/FIDO2), which uses the same processes as a
> Yubikey, but its open source. I also have a Yubikey.
>
> The other type of 2FA is a one-time code - TOTP.
>
> Although really I'm not sure what to advise without knowing more about
> your requirements.
One of the main online client databases
(https://www.intelligent-office.net/nio/authentication/login) has said
1. Using just a smime key is not safe enough because it can be copied
2. So they want everyone to use username and password with a 2FA key
I need a device that I can use on multiple devices (debian, windows,
Android)
- Yubikey appears more secure but I am stuffed if the damn thing is lost
- Authy has cloud back up
And once I start using 2FA then I will want to use it for all, if I can.
--
Henry
Communication not signed with an original manual signature or an appropriately
verified digital signature is not binding.
Thu 4 Jun 13:43:01 BST 2020
--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq