Projet

Général

Profil

Authentification » Historique » Version 76

Laurent GUERBY, 24/07/2018 23:21

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 75 Laurent GUERBY
https://krebsonsecurity.com/2018/07/google-security-keys-neutered-employee-phishing/
8 75 Laurent GUERBY
https://tech.slashdot.org/story/18/07/23/1944236/none-of-googles-85000-employees-have-been-phished-in-more-than-a-year-after-company-required-them-to-use-physical-security-keys-for-2fa
9 75 Laurent GUERBY
https://twofactorauth.org/
10 75 Laurent GUERBY
https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/
11 76 Laurent GUERBY
https://blog.mozilla.org/blog/2018/05/09/firefox-gets-down-to-business-and-its-personal/
12 75 Laurent GUERBY
13 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
14 1 Laurent GUERBY
15 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
16 66 Laurent GUERBY
17 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
18 54 Laurent GUERBY
19 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
20 62 Laurent GUERBY
21 55 Laurent GUERBY
https://lwn.net/Articles/734767/
22 55 Laurent GUERBY
Strategies for offline PGP key storage
23 55 Laurent GUERBY
24 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
25 68 Laurent GUERBY
26 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
27 67 Laurent GUERBY
28 73 Laurent GUERBY
https://www.tartarefr.eu/remplacer-les-mots-de-passe-par-linsertion-dune-cle-usb/
29 73 Laurent GUERBY
30 60 Laurent GUERBY
https://lwn.net/Articles/736231/
31 60 Laurent GUERBY
A comparison of cryptographic keycards
32 60 Laurent GUERBY
33 69 Laurent GUERBY
https://lwn.net/Articles/750430/
34 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
35 69 Laurent GUERBY
36 74 Laurent GUERBY
https://anarc.at/blog/2017-10-26-comparison-cryptographic-keycards/
37 74 Laurent GUERBY
38 72 Laurent GUERBY
https://mozilla-lockbox.github.io/
39 72 Laurent GUERBY
40 70 Laurent GUERBY
https://www.nextinpact.com/news/106385-connexion-securisee-api-webauthn-presque-finalisee-premiere-yubikey-fido2.htm
41 71 Laurent GUERBY
https://linode.com/docs/security/authentication/use-one-time-passwords-for-two-factor-authentication-with-ssh-on-ubuntu-16-04-and-debian-8/
42 71 Laurent GUERBY
https://support.yubico.com/support/solutions/articles/15000006444-losing-your-yubikey
43 70 Laurent GUERBY
44 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
45 63 Laurent GUERBY
46 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
47 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
48 61 Laurent GUERBY
49 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
50 61 Laurent GUERBY
51 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
52 65 Laurent GUERBY
53 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
54 56 Laurent GUERBY
55 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
56 59 Laurent GUERBY
57 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
58 48 Laurent GUERBY
$39 kicad design
59 1 Laurent GUERBY
60 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
61 64 Laurent GUERBY
62 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
63 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
64 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
65 57 Laurent GUERBY
66 57 Laurent GUERBY
67 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
68 48 Laurent GUERBY
   $50 middle USB in out
69 48 Laurent GUERBY
   pas vraiment de design file dispo ?
70 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
71 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
72 48 Laurent GUERBY
   
73 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
74 49 Laurent GUERBY
https://github.com/ory/hydra
75 49 Laurent GUERBY
   Oauth2 high performance
76 48 Laurent GUERBY
77 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
78 53 Laurent GUERBY
  The Open Web Application Security Project
79 53 Laurent GUERBY
80 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
81 1 Laurent GUERBY
U2F Zero
82 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
83 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
84 36 Laurent GUERBY
https://www.u2fzero.com/
85 2 Laurent GUERBY
86 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
87 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
88 51 Laurent GUERBY
89 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
90 52 Laurent GUERBY
91 52 Laurent GUERBY
92 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
93 39 Laurent GUERBY
https://oauth.net/
94 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
95 38 Laurent GUERBY
96 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
97 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
98 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
99 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
100 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
101 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
102 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
103 12 Laurent GUERBY
104 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
105 7 Laurent GUERBY
106 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
107 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
108 29 Laurent GUERBY
109 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
110 40 Laurent GUERBY
111 40 Laurent GUERBY
https://www.themooltipass.com/
112 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
113 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
114 24 Laurent GUERBY
115 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
116 2 Laurent GUERBY
117 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
118 16 Laurent GUERBY
119 15 Laurent GUERBY
https://portier.github.io/
120 15 Laurent GUERBY
121 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
122 2 Laurent GUERBY
https://sec2016.rmll.info//files/
123 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
124 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
125 48 Laurent GUERBY
  $130
126 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
127 4 Laurent GUERBY
128 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
129 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
130 5 Laurent GUERBY
131 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
132 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
133 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
134 5 Laurent GUERBY
https://fidoalliance.org/
135 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
136 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
137 8 Laurent GUERBY
138 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
139 9 Laurent GUERBY
140 9 Laurent GUERBY
141 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
142 9 Laurent GUERBY
Principe de fonctionnement OAuth2
143 10 Laurent GUERBY
144 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
145 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
146 11 Laurent GUERBY
147 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
148 11 Laurent GUERBY
https://github.com/LedgerHQ 
149 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
150 17 Laurent GUERBY
151 17 Laurent GUERBY
http://digiposte.fr
152 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
153 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
154 20 Laurent GUERBY
155 20 Laurent GUERBY
156 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
157 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
158 22 Laurent GUERBY
https://github.com/google/key-transparency
159 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
160 25 Laurent GUERBY
161 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
162 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
163 28 Laurent GUERBY
164 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
165 31 Laurent GUERBY
166 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
167 32 Laurent GUERBY
168 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
169 33 Matthieu Herrb
170 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
171 34 Laurent GUERBY
http://sshkeybox.com/
172 34 Laurent GUERBY
173 42 Laurent GUERBY
https://github.com/lipp/login-with
174 42 Laurent GUERBY
175 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
176 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
177 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
178 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
179 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
180 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
181 43 Laurent GUERBY
182 25 Laurent GUERBY
h2. Passwords
183 25 Laurent GUERBY
184 26 Guilhem Saurel
https://www.passwordstore.org/
185 25 Laurent GUERBY
https://keepassxreboot.github.io/project
186 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers