Projet

Général

Profil

Authentification » Historique » Version 53

Laurent GUERBY, 24/09/2017 15:09

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
10 48 Laurent GUERBY
$39 kicad design
11 1 Laurent GUERBY
12 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
13 48 Laurent GUERBY
   $50 middle USB in out
14 48 Laurent GUERBY
   pas vraiment de design file dispo ?
15 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
16 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
17 48 Laurent GUERBY
   
18 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
19 49 Laurent GUERBY
https://github.com/ory/hydra
20 49 Laurent GUERBY
   Oauth2 high performance
21 48 Laurent GUERBY
22 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
23 53 Laurent GUERBY
  The Open Web Application Security Project
24 53 Laurent GUERBY
25 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
26 1 Laurent GUERBY
U2F Zero
27 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
28 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
29 36 Laurent GUERBY
https://www.u2fzero.com/
30 2 Laurent GUERBY
31 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
32 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
33 51 Laurent GUERBY
34 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
35 52 Laurent GUERBY
36 52 Laurent GUERBY
37 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
38 39 Laurent GUERBY
https://oauth.net/
39 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
40 38 Laurent GUERBY
41 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
42 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
43 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
44 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
45 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
46 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
47 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
48 12 Laurent GUERBY
49 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
50 7 Laurent GUERBY
51 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
52 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
53 29 Laurent GUERBY
54 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
55 40 Laurent GUERBY
56 40 Laurent GUERBY
https://www.themooltipass.com/
57 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
58 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
59 24 Laurent GUERBY
60 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
61 2 Laurent GUERBY
62 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
63 16 Laurent GUERBY
64 15 Laurent GUERBY
https://portier.github.io/
65 15 Laurent GUERBY
66 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
67 2 Laurent GUERBY
https://sec2016.rmll.info//files/
68 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
69 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
70 48 Laurent GUERBY
  $130
71 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
72 4 Laurent GUERBY
73 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
74 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
75 5 Laurent GUERBY
76 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
77 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
78 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
79 5 Laurent GUERBY
https://fidoalliance.org/
80 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
81 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
82 8 Laurent GUERBY
83 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
84 9 Laurent GUERBY
85 9 Laurent GUERBY
86 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
87 9 Laurent GUERBY
Principe de fonctionnement OAuth2
88 10 Laurent GUERBY
89 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
90 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
91 11 Laurent GUERBY
92 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
93 11 Laurent GUERBY
https://github.com/LedgerHQ 
94 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
95 17 Laurent GUERBY
96 17 Laurent GUERBY
http://digiposte.fr
97 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
98 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
99 20 Laurent GUERBY
100 20 Laurent GUERBY
101 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
102 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
103 22 Laurent GUERBY
https://github.com/google/key-transparency
104 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
105 25 Laurent GUERBY
106 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
107 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
108 28 Laurent GUERBY
109 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
110 31 Laurent GUERBY
111 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
112 32 Laurent GUERBY
113 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
114 33 Matthieu Herrb
115 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
116 34 Laurent GUERBY
http://sshkeybox.com/
117 34 Laurent GUERBY
118 42 Laurent GUERBY
https://github.com/lipp/login-with
119 42 Laurent GUERBY
120 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
121 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
122 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
123 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
124 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
125 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
126 43 Laurent GUERBY
127 25 Laurent GUERBY
h2. Passwords
128 25 Laurent GUERBY
129 26 Guilhem Saurel
https://www.passwordstore.org/
130 25 Laurent GUERBY
https://keepassxreboot.github.io/project
131 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers