Projet

Général

Profil

Authentification » Historique » Version 74

Laurent GUERBY, 23/06/2018 10:17

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
19 68 Laurent GUERBY
20 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
21 67 Laurent GUERBY
22 73 Laurent GUERBY
https://www.tartarefr.eu/remplacer-les-mots-de-passe-par-linsertion-dune-cle-usb/
23 73 Laurent GUERBY
24 60 Laurent GUERBY
https://lwn.net/Articles/736231/
25 60 Laurent GUERBY
A comparison of cryptographic keycards
26 60 Laurent GUERBY
27 69 Laurent GUERBY
https://lwn.net/Articles/750430/
28 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
29 69 Laurent GUERBY
30 74 Laurent GUERBY
https://anarc.at/blog/2017-10-26-comparison-cryptographic-keycards/
31 74 Laurent GUERBY
32 72 Laurent GUERBY
https://mozilla-lockbox.github.io/
33 72 Laurent GUERBY
34 70 Laurent GUERBY
https://www.nextinpact.com/news/106385-connexion-securisee-api-webauthn-presque-finalisee-premiere-yubikey-fido2.htm
35 71 Laurent GUERBY
https://linode.com/docs/security/authentication/use-one-time-passwords-for-two-factor-authentication-with-ssh-on-ubuntu-16-04-and-debian-8/
36 71 Laurent GUERBY
https://support.yubico.com/support/solutions/articles/15000006444-losing-your-yubikey
37 70 Laurent GUERBY
38 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
39 63 Laurent GUERBY
40 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
41 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
42 61 Laurent GUERBY
43 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
44 61 Laurent GUERBY
45 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
46 65 Laurent GUERBY
47 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
48 56 Laurent GUERBY
49 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
50 59 Laurent GUERBY
51 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
52 48 Laurent GUERBY
$39 kicad design
53 1 Laurent GUERBY
54 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
55 64 Laurent GUERBY
56 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
57 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
58 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
59 57 Laurent GUERBY
60 57 Laurent GUERBY
61 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
62 48 Laurent GUERBY
   $50 middle USB in out
63 48 Laurent GUERBY
   pas vraiment de design file dispo ?
64 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
65 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
66 48 Laurent GUERBY
   
67 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
68 49 Laurent GUERBY
https://github.com/ory/hydra
69 49 Laurent GUERBY
   Oauth2 high performance
70 48 Laurent GUERBY
71 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
72 53 Laurent GUERBY
  The Open Web Application Security Project
73 53 Laurent GUERBY
74 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
75 1 Laurent GUERBY
U2F Zero
76 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
77 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
78 36 Laurent GUERBY
https://www.u2fzero.com/
79 2 Laurent GUERBY
80 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
81 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
82 51 Laurent GUERBY
83 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
84 52 Laurent GUERBY
85 52 Laurent GUERBY
86 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
87 39 Laurent GUERBY
https://oauth.net/
88 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
89 38 Laurent GUERBY
90 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
91 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
92 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
93 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
94 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
95 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
96 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
97 12 Laurent GUERBY
98 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
99 7 Laurent GUERBY
100 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
101 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
102 29 Laurent GUERBY
103 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
104 40 Laurent GUERBY
105 40 Laurent GUERBY
https://www.themooltipass.com/
106 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
107 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
108 24 Laurent GUERBY
109 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
110 2 Laurent GUERBY
111 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
112 16 Laurent GUERBY
113 15 Laurent GUERBY
https://portier.github.io/
114 15 Laurent GUERBY
115 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
116 2 Laurent GUERBY
https://sec2016.rmll.info//files/
117 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
118 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
119 48 Laurent GUERBY
  $130
120 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
121 4 Laurent GUERBY
122 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
123 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
124 5 Laurent GUERBY
125 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
126 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
127 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
128 5 Laurent GUERBY
https://fidoalliance.org/
129 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
130 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
131 8 Laurent GUERBY
132 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
133 9 Laurent GUERBY
134 9 Laurent GUERBY
135 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
136 9 Laurent GUERBY
Principe de fonctionnement OAuth2
137 10 Laurent GUERBY
138 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
139 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
140 11 Laurent GUERBY
141 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
142 11 Laurent GUERBY
https://github.com/LedgerHQ 
143 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
144 17 Laurent GUERBY
145 17 Laurent GUERBY
http://digiposte.fr
146 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
147 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
148 20 Laurent GUERBY
149 20 Laurent GUERBY
150 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
151 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
152 22 Laurent GUERBY
https://github.com/google/key-transparency
153 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
154 25 Laurent GUERBY
155 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
156 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
157 28 Laurent GUERBY
158 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
159 31 Laurent GUERBY
160 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
161 32 Laurent GUERBY
162 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
163 33 Matthieu Herrb
164 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
165 34 Laurent GUERBY
http://sshkeybox.com/
166 34 Laurent GUERBY
167 42 Laurent GUERBY
https://github.com/lipp/login-with
168 42 Laurent GUERBY
169 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
170 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
171 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
172 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
173 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
174 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
175 43 Laurent GUERBY
176 25 Laurent GUERBY
h2. Passwords
177 25 Laurent GUERBY
178 26 Guilhem Saurel
https://www.passwordstore.org/
179 25 Laurent GUERBY
https://keepassxreboot.github.io/project
180 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers