Projet

Général

Profil

Authentification » Historique » Version 73

Laurent GUERBY, 06/06/2018 22:45

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
19 68 Laurent GUERBY
20 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
21 67 Laurent GUERBY
22 73 Laurent GUERBY
https://www.tartarefr.eu/remplacer-les-mots-de-passe-par-linsertion-dune-cle-usb/
23 73 Laurent GUERBY
24 60 Laurent GUERBY
https://lwn.net/Articles/736231/
25 60 Laurent GUERBY
A comparison of cryptographic keycards
26 60 Laurent GUERBY
27 69 Laurent GUERBY
https://lwn.net/Articles/750430/
28 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
29 69 Laurent GUERBY
30 72 Laurent GUERBY
https://mozilla-lockbox.github.io/
31 72 Laurent GUERBY
32 70 Laurent GUERBY
https://www.nextinpact.com/news/106385-connexion-securisee-api-webauthn-presque-finalisee-premiere-yubikey-fido2.htm
33 71 Laurent GUERBY
https://linode.com/docs/security/authentication/use-one-time-passwords-for-two-factor-authentication-with-ssh-on-ubuntu-16-04-and-debian-8/
34 71 Laurent GUERBY
https://support.yubico.com/support/solutions/articles/15000006444-losing-your-yubikey
35 70 Laurent GUERBY
36 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
37 63 Laurent GUERBY
38 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
39 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
40 61 Laurent GUERBY
41 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
42 61 Laurent GUERBY
43 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
44 65 Laurent GUERBY
45 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
46 56 Laurent GUERBY
47 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
48 59 Laurent GUERBY
49 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
50 48 Laurent GUERBY
$39 kicad design
51 1 Laurent GUERBY
52 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
53 64 Laurent GUERBY
54 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
55 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
56 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
57 57 Laurent GUERBY
58 57 Laurent GUERBY
59 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
60 48 Laurent GUERBY
   $50 middle USB in out
61 48 Laurent GUERBY
   pas vraiment de design file dispo ?
62 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
63 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
64 48 Laurent GUERBY
   
65 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
66 49 Laurent GUERBY
https://github.com/ory/hydra
67 49 Laurent GUERBY
   Oauth2 high performance
68 48 Laurent GUERBY
69 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
70 53 Laurent GUERBY
  The Open Web Application Security Project
71 53 Laurent GUERBY
72 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
73 1 Laurent GUERBY
U2F Zero
74 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
75 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
76 36 Laurent GUERBY
https://www.u2fzero.com/
77 2 Laurent GUERBY
78 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
79 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
80 51 Laurent GUERBY
81 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
82 52 Laurent GUERBY
83 52 Laurent GUERBY
84 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
85 39 Laurent GUERBY
https://oauth.net/
86 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
87 38 Laurent GUERBY
88 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
89 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
90 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
91 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
92 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
93 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
94 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
95 12 Laurent GUERBY
96 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
97 7 Laurent GUERBY
98 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
99 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
100 29 Laurent GUERBY
101 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
102 40 Laurent GUERBY
103 40 Laurent GUERBY
https://www.themooltipass.com/
104 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
105 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
106 24 Laurent GUERBY
107 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
108 2 Laurent GUERBY
109 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
110 16 Laurent GUERBY
111 15 Laurent GUERBY
https://portier.github.io/
112 15 Laurent GUERBY
113 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
114 2 Laurent GUERBY
https://sec2016.rmll.info//files/
115 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
116 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
117 48 Laurent GUERBY
  $130
118 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
119 4 Laurent GUERBY
120 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
121 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
122 5 Laurent GUERBY
123 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
124 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
125 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
126 5 Laurent GUERBY
https://fidoalliance.org/
127 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
128 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
129 8 Laurent GUERBY
130 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
131 9 Laurent GUERBY
132 9 Laurent GUERBY
133 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
134 9 Laurent GUERBY
Principe de fonctionnement OAuth2
135 10 Laurent GUERBY
136 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
137 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
138 11 Laurent GUERBY
139 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
140 11 Laurent GUERBY
https://github.com/LedgerHQ 
141 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
142 17 Laurent GUERBY
143 17 Laurent GUERBY
http://digiposte.fr
144 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
145 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
146 20 Laurent GUERBY
147 20 Laurent GUERBY
148 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
149 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
150 22 Laurent GUERBY
https://github.com/google/key-transparency
151 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
152 25 Laurent GUERBY
153 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
154 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
155 28 Laurent GUERBY
156 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
157 31 Laurent GUERBY
158 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
159 32 Laurent GUERBY
160 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
161 33 Matthieu Herrb
162 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
163 34 Laurent GUERBY
http://sshkeybox.com/
164 34 Laurent GUERBY
165 42 Laurent GUERBY
https://github.com/lipp/login-with
166 42 Laurent GUERBY
167 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
168 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
169 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
170 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
171 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
172 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
173 43 Laurent GUERBY
174 25 Laurent GUERBY
h2. Passwords
175 25 Laurent GUERBY
176 26 Guilhem Saurel
https://www.passwordstore.org/
177 25 Laurent GUERBY
https://keepassxreboot.github.io/project
178 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers