Projet

Général

Profil

Authentification » Historique » Version 62

Laurent GUERBY, 09/12/2017 21:46

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
10 54 Laurent GUERBY
11 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
12 62 Laurent GUERBY
13 55 Laurent GUERBY
https://lwn.net/Articles/734767/
14 55 Laurent GUERBY
Strategies for offline PGP key storage
15 55 Laurent GUERBY
16 60 Laurent GUERBY
https://lwn.net/Articles/736231/
17 60 Laurent GUERBY
A comparison of cryptographic keycards
18 60 Laurent GUERBY
19 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
20 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
21 61 Laurent GUERBY
22 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
23 61 Laurent GUERBY
24 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
25 56 Laurent GUERBY
26 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
27 59 Laurent GUERBY
28 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
29 48 Laurent GUERBY
$39 kicad design
30 1 Laurent GUERBY
31 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
32 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
33 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
34 57 Laurent GUERBY
35 57 Laurent GUERBY
36 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
37 48 Laurent GUERBY
   $50 middle USB in out
38 48 Laurent GUERBY
   pas vraiment de design file dispo ?
39 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
40 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
41 48 Laurent GUERBY
   
42 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
43 49 Laurent GUERBY
https://github.com/ory/hydra
44 49 Laurent GUERBY
   Oauth2 high performance
45 48 Laurent GUERBY
46 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
47 53 Laurent GUERBY
  The Open Web Application Security Project
48 53 Laurent GUERBY
49 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
50 1 Laurent GUERBY
U2F Zero
51 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
52 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
53 36 Laurent GUERBY
https://www.u2fzero.com/
54 2 Laurent GUERBY
55 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
56 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
57 51 Laurent GUERBY
58 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
59 52 Laurent GUERBY
60 52 Laurent GUERBY
61 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
62 39 Laurent GUERBY
https://oauth.net/
63 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
64 38 Laurent GUERBY
65 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
66 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
67 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
68 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
69 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
70 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
71 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
72 12 Laurent GUERBY
73 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
74 7 Laurent GUERBY
75 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
76 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
77 29 Laurent GUERBY
78 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
79 40 Laurent GUERBY
80 40 Laurent GUERBY
https://www.themooltipass.com/
81 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
82 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
83 24 Laurent GUERBY
84 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
85 2 Laurent GUERBY
86 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
87 16 Laurent GUERBY
88 15 Laurent GUERBY
https://portier.github.io/
89 15 Laurent GUERBY
90 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
91 2 Laurent GUERBY
https://sec2016.rmll.info//files/
92 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
93 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
94 48 Laurent GUERBY
  $130
95 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
96 4 Laurent GUERBY
97 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
98 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
99 5 Laurent GUERBY
100 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
101 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
102 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
103 5 Laurent GUERBY
https://fidoalliance.org/
104 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
105 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
106 8 Laurent GUERBY
107 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
108 9 Laurent GUERBY
109 9 Laurent GUERBY
110 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
111 9 Laurent GUERBY
Principe de fonctionnement OAuth2
112 10 Laurent GUERBY
113 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
114 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
115 11 Laurent GUERBY
116 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
117 11 Laurent GUERBY
https://github.com/LedgerHQ 
118 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
119 17 Laurent GUERBY
120 17 Laurent GUERBY
http://digiposte.fr
121 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
122 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
123 20 Laurent GUERBY
124 20 Laurent GUERBY
125 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
126 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
127 22 Laurent GUERBY
https://github.com/google/key-transparency
128 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
129 25 Laurent GUERBY
130 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
131 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
132 28 Laurent GUERBY
133 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
134 31 Laurent GUERBY
135 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
136 32 Laurent GUERBY
137 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
138 33 Matthieu Herrb
139 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
140 34 Laurent GUERBY
http://sshkeybox.com/
141 34 Laurent GUERBY
142 42 Laurent GUERBY
https://github.com/lipp/login-with
143 42 Laurent GUERBY
144 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
145 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
146 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
147 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
148 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
149 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
150 43 Laurent GUERBY
151 25 Laurent GUERBY
h2. Passwords
152 25 Laurent GUERBY
153 26 Guilhem Saurel
https://www.passwordstore.org/
154 25 Laurent GUERBY
https://keepassxreboot.github.io/project
155 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers