Projet

Général

Profil

Authentification » Historique » Version 51

Laurent GUERBY, 06/09/2017 19:35

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
10 48 Laurent GUERBY
$39 kicad design
11 1 Laurent GUERBY
12 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
13 48 Laurent GUERBY
   $50 middle USB in out
14 48 Laurent GUERBY
   pas vraiment de design file dispo ?
15 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
16 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
17 48 Laurent GUERBY
   
18 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
19 49 Laurent GUERBY
https://github.com/ory/hydra
20 49 Laurent GUERBY
   Oauth2 high performance
21 48 Laurent GUERBY
22 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
23 1 Laurent GUERBY
U2F Zero
24 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
25 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
26 36 Laurent GUERBY
https://www.u2fzero.com/
27 2 Laurent GUERBY
28 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
29 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
30 51 Laurent GUERBY
31 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
32 39 Laurent GUERBY
https://oauth.net/
33 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
34 38 Laurent GUERBY
35 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
36 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
37 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
38 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
39 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
40 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
41 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
42 12 Laurent GUERBY
43 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
44 7 Laurent GUERBY
45 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
46 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
47 29 Laurent GUERBY
48 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
49 40 Laurent GUERBY
50 40 Laurent GUERBY
https://www.themooltipass.com/
51 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
52 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
53 24 Laurent GUERBY
54 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
55 2 Laurent GUERBY
56 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
57 16 Laurent GUERBY
58 15 Laurent GUERBY
https://portier.github.io/
59 15 Laurent GUERBY
60 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
61 2 Laurent GUERBY
https://sec2016.rmll.info//files/
62 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
63 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
64 48 Laurent GUERBY
  $130
65 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
66 4 Laurent GUERBY
67 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
68 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
69 5 Laurent GUERBY
70 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
71 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
72 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
73 5 Laurent GUERBY
https://fidoalliance.org/
74 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
75 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
76 8 Laurent GUERBY
77 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
78 9 Laurent GUERBY
79 9 Laurent GUERBY
80 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
81 9 Laurent GUERBY
Principe de fonctionnement OAuth2
82 10 Laurent GUERBY
83 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
84 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
85 11 Laurent GUERBY
86 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
87 11 Laurent GUERBY
https://github.com/LedgerHQ 
88 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
89 17 Laurent GUERBY
90 17 Laurent GUERBY
http://digiposte.fr
91 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
92 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
93 20 Laurent GUERBY
94 20 Laurent GUERBY
95 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
96 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
97 22 Laurent GUERBY
https://github.com/google/key-transparency
98 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
99 25 Laurent GUERBY
100 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
101 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
102 28 Laurent GUERBY
103 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
104 31 Laurent GUERBY
105 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
106 32 Laurent GUERBY
107 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
108 33 Matthieu Herrb
109 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
110 34 Laurent GUERBY
http://sshkeybox.com/
111 34 Laurent GUERBY
112 42 Laurent GUERBY
https://github.com/lipp/login-with
113 42 Laurent GUERBY
114 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
115 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
116 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
117 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
118 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
119 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
120 43 Laurent GUERBY
121 25 Laurent GUERBY
h2. Passwords
122 25 Laurent GUERBY
123 26 Guilhem Saurel
https://www.passwordstore.org/
124 25 Laurent GUERBY
https://keepassxreboot.github.io/project
125 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers