Projet

Général

Profil

Authentification » Historique » Version 71

Laurent GUERBY, 18/04/2018 17:25

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
19 68 Laurent GUERBY
20 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
21 67 Laurent GUERBY
22 60 Laurent GUERBY
https://lwn.net/Articles/736231/
23 60 Laurent GUERBY
A comparison of cryptographic keycards
24 60 Laurent GUERBY
25 69 Laurent GUERBY
https://lwn.net/Articles/750430/
26 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
27 69 Laurent GUERBY
28 70 Laurent GUERBY
https://www.nextinpact.com/news/106385-connexion-securisee-api-webauthn-presque-finalisee-premiere-yubikey-fido2.htm
29 71 Laurent GUERBY
https://linode.com/docs/security/authentication/use-one-time-passwords-for-two-factor-authentication-with-ssh-on-ubuntu-16-04-and-debian-8/
30 71 Laurent GUERBY
https://support.yubico.com/support/solutions/articles/15000006444-losing-your-yubikey
31 70 Laurent GUERBY
32 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
33 63 Laurent GUERBY
34 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
35 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
36 61 Laurent GUERBY
37 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
38 61 Laurent GUERBY
39 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
40 65 Laurent GUERBY
41 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
42 56 Laurent GUERBY
43 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
44 59 Laurent GUERBY
45 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
46 48 Laurent GUERBY
$39 kicad design
47 1 Laurent GUERBY
48 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
49 64 Laurent GUERBY
50 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
51 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
52 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
53 57 Laurent GUERBY
54 57 Laurent GUERBY
55 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
56 48 Laurent GUERBY
   $50 middle USB in out
57 48 Laurent GUERBY
   pas vraiment de design file dispo ?
58 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
59 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
60 48 Laurent GUERBY
   
61 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
62 49 Laurent GUERBY
https://github.com/ory/hydra
63 49 Laurent GUERBY
   Oauth2 high performance
64 48 Laurent GUERBY
65 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
66 53 Laurent GUERBY
  The Open Web Application Security Project
67 53 Laurent GUERBY
68 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
69 1 Laurent GUERBY
U2F Zero
70 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
71 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
72 36 Laurent GUERBY
https://www.u2fzero.com/
73 2 Laurent GUERBY
74 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
75 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
76 51 Laurent GUERBY
77 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
78 52 Laurent GUERBY
79 52 Laurent GUERBY
80 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
81 39 Laurent GUERBY
https://oauth.net/
82 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
83 38 Laurent GUERBY
84 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
85 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
86 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
87 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
88 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
89 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
90 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
91 12 Laurent GUERBY
92 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
93 7 Laurent GUERBY
94 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
95 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
96 29 Laurent GUERBY
97 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
98 40 Laurent GUERBY
99 40 Laurent GUERBY
https://www.themooltipass.com/
100 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
101 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
102 24 Laurent GUERBY
103 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
104 2 Laurent GUERBY
105 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
106 16 Laurent GUERBY
107 15 Laurent GUERBY
https://portier.github.io/
108 15 Laurent GUERBY
109 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
110 2 Laurent GUERBY
https://sec2016.rmll.info//files/
111 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
112 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
113 48 Laurent GUERBY
  $130
114 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
115 4 Laurent GUERBY
116 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
117 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
118 5 Laurent GUERBY
119 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
120 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
121 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
122 5 Laurent GUERBY
https://fidoalliance.org/
123 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
124 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
125 8 Laurent GUERBY
126 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
127 9 Laurent GUERBY
128 9 Laurent GUERBY
129 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
130 9 Laurent GUERBY
Principe de fonctionnement OAuth2
131 10 Laurent GUERBY
132 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
133 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
134 11 Laurent GUERBY
135 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
136 11 Laurent GUERBY
https://github.com/LedgerHQ 
137 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
138 17 Laurent GUERBY
139 17 Laurent GUERBY
http://digiposte.fr
140 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
141 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
142 20 Laurent GUERBY
143 20 Laurent GUERBY
144 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
145 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
146 22 Laurent GUERBY
https://github.com/google/key-transparency
147 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
148 25 Laurent GUERBY
149 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
150 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
151 28 Laurent GUERBY
152 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
153 31 Laurent GUERBY
154 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
155 32 Laurent GUERBY
156 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
157 33 Matthieu Herrb
158 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
159 34 Laurent GUERBY
http://sshkeybox.com/
160 34 Laurent GUERBY
161 42 Laurent GUERBY
https://github.com/lipp/login-with
162 42 Laurent GUERBY
163 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
164 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
165 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
166 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
167 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
168 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
169 43 Laurent GUERBY
170 25 Laurent GUERBY
h2. Passwords
171 25 Laurent GUERBY
172 26 Guilhem Saurel
https://www.passwordstore.org/
173 25 Laurent GUERBY
https://keepassxreboot.github.io/project
174 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers