Projet

Général

Profil

Authentification » Historique » Version 69

Laurent GUERBY, 15/04/2018 22:01

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
19 68 Laurent GUERBY
20 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
21 67 Laurent GUERBY
22 60 Laurent GUERBY
https://lwn.net/Articles/736231/
23 60 Laurent GUERBY
A comparison of cryptographic keycards
24 60 Laurent GUERBY
25 69 Laurent GUERBY
https://lwn.net/Articles/750430/
26 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
27 69 Laurent GUERBY
28 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
29 63 Laurent GUERBY
30 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
31 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
32 61 Laurent GUERBY
33 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
34 61 Laurent GUERBY
35 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
36 65 Laurent GUERBY
37 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
38 56 Laurent GUERBY
39 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
40 59 Laurent GUERBY
41 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
42 48 Laurent GUERBY
$39 kicad design
43 1 Laurent GUERBY
44 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
45 64 Laurent GUERBY
46 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
47 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
48 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
49 57 Laurent GUERBY
50 57 Laurent GUERBY
51 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
52 48 Laurent GUERBY
   $50 middle USB in out
53 48 Laurent GUERBY
   pas vraiment de design file dispo ?
54 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
55 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
56 48 Laurent GUERBY
   
57 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
58 49 Laurent GUERBY
https://github.com/ory/hydra
59 49 Laurent GUERBY
   Oauth2 high performance
60 48 Laurent GUERBY
61 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
62 53 Laurent GUERBY
  The Open Web Application Security Project
63 53 Laurent GUERBY
64 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
65 1 Laurent GUERBY
U2F Zero
66 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
67 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
68 36 Laurent GUERBY
https://www.u2fzero.com/
69 2 Laurent GUERBY
70 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
71 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
72 51 Laurent GUERBY
73 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
74 52 Laurent GUERBY
75 52 Laurent GUERBY
76 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
77 39 Laurent GUERBY
https://oauth.net/
78 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
79 38 Laurent GUERBY
80 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
81 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
82 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
83 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
84 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
85 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
86 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
87 12 Laurent GUERBY
88 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
89 7 Laurent GUERBY
90 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
91 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
92 29 Laurent GUERBY
93 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
94 40 Laurent GUERBY
95 40 Laurent GUERBY
https://www.themooltipass.com/
96 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
97 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
98 24 Laurent GUERBY
99 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
100 2 Laurent GUERBY
101 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
102 16 Laurent GUERBY
103 15 Laurent GUERBY
https://portier.github.io/
104 15 Laurent GUERBY
105 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
106 2 Laurent GUERBY
https://sec2016.rmll.info//files/
107 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
108 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
109 48 Laurent GUERBY
  $130
110 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
111 4 Laurent GUERBY
112 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
113 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
114 5 Laurent GUERBY
115 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
116 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
117 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
118 5 Laurent GUERBY
https://fidoalliance.org/
119 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
120 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
121 8 Laurent GUERBY
122 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
123 9 Laurent GUERBY
124 9 Laurent GUERBY
125 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
126 9 Laurent GUERBY
Principe de fonctionnement OAuth2
127 10 Laurent GUERBY
128 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
129 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
130 11 Laurent GUERBY
131 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
132 11 Laurent GUERBY
https://github.com/LedgerHQ 
133 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
134 17 Laurent GUERBY
135 17 Laurent GUERBY
http://digiposte.fr
136 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
137 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
138 20 Laurent GUERBY
139 20 Laurent GUERBY
140 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
141 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
142 22 Laurent GUERBY
https://github.com/google/key-transparency
143 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
144 25 Laurent GUERBY
145 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
146 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
147 28 Laurent GUERBY
148 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
149 31 Laurent GUERBY
150 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
151 32 Laurent GUERBY
152 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
153 33 Matthieu Herrb
154 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
155 34 Laurent GUERBY
http://sshkeybox.com/
156 34 Laurent GUERBY
157 42 Laurent GUERBY
https://github.com/lipp/login-with
158 42 Laurent GUERBY
159 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
160 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
161 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
162 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
163 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
164 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
165 43 Laurent GUERBY
166 25 Laurent GUERBY
h2. Passwords
167 25 Laurent GUERBY
168 26 Guilhem Saurel
https://www.passwordstore.org/
169 25 Laurent GUERBY
https://keepassxreboot.github.io/project
170 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers