Projet

Général

Profil

Authentification » Historique » Version 78

Laurent GUERBY, 24/07/2018 23:37

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 75 Laurent GUERBY
https://krebsonsecurity.com/2018/07/google-security-keys-neutered-employee-phishing/
8 75 Laurent GUERBY
https://tech.slashdot.org/story/18/07/23/1944236/none-of-googles-85000-employees-have-been-phished-in-more-than-a-year-after-company-required-them-to-use-physical-security-keys-for-2fa
9 75 Laurent GUERBY
https://twofactorauth.org/
10 75 Laurent GUERBY
https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/
11 76 Laurent GUERBY
https://blog.mozilla.org/blog/2018/05/09/firefox-gets-down-to-business-and-its-personal/
12 77 Laurent GUERBY
https://hacks.mozilla.org/2018/01/using-hardware-token-based-2fa-with-the-webauthn-api/
13 78 Laurent GUERBY
http://tomu.im/
14 75 Laurent GUERBY
15 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
16 1 Laurent GUERBY
17 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
18 66 Laurent GUERBY
19 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
20 54 Laurent GUERBY
21 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
22 62 Laurent GUERBY
23 55 Laurent GUERBY
https://lwn.net/Articles/734767/
24 55 Laurent GUERBY
Strategies for offline PGP key storage
25 55 Laurent GUERBY
26 68 Laurent GUERBY
https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/
27 68 Laurent GUERBY
28 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
29 67 Laurent GUERBY
30 73 Laurent GUERBY
https://www.tartarefr.eu/remplacer-les-mots-de-passe-par-linsertion-dune-cle-usb/
31 73 Laurent GUERBY
32 60 Laurent GUERBY
https://lwn.net/Articles/736231/
33 60 Laurent GUERBY
A comparison of cryptographic keycards
34 60 Laurent GUERBY
35 69 Laurent GUERBY
https://lwn.net/Articles/750430/
36 69 Laurent GUERBY
Free Nitrokey cryptographic cards for kernel developers
37 69 Laurent GUERBY
38 74 Laurent GUERBY
https://anarc.at/blog/2017-10-26-comparison-cryptographic-keycards/
39 74 Laurent GUERBY
40 72 Laurent GUERBY
https://mozilla-lockbox.github.io/
41 72 Laurent GUERBY
42 70 Laurent GUERBY
https://www.nextinpact.com/news/106385-connexion-securisee-api-webauthn-presque-finalisee-premiere-yubikey-fido2.htm
43 71 Laurent GUERBY
https://linode.com/docs/security/authentication/use-one-time-passwords-for-two-factor-authentication-with-ssh-on-ubuntu-16-04-and-debian-8/
44 71 Laurent GUERBY
https://support.yubico.com/support/solutions/articles/15000006444-losing-your-yubikey
45 70 Laurent GUERBY
46 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
47 63 Laurent GUERBY
48 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
49 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
50 61 Laurent GUERBY
51 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
52 61 Laurent GUERBY
53 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
54 65 Laurent GUERBY
55 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
56 56 Laurent GUERBY
57 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
58 59 Laurent GUERBY
59 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
60 48 Laurent GUERBY
$39 kicad design
61 1 Laurent GUERBY
62 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
63 64 Laurent GUERBY
64 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
65 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
66 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
67 57 Laurent GUERBY
68 57 Laurent GUERBY
69 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
70 48 Laurent GUERBY
   $50 middle USB in out
71 48 Laurent GUERBY
   pas vraiment de design file dispo ?
72 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
73 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
74 48 Laurent GUERBY
   
75 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
76 49 Laurent GUERBY
https://github.com/ory/hydra
77 49 Laurent GUERBY
   Oauth2 high performance
78 48 Laurent GUERBY
79 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
80 53 Laurent GUERBY
  The Open Web Application Security Project
81 53 Laurent GUERBY
82 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
83 1 Laurent GUERBY
U2F Zero
84 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
85 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
86 36 Laurent GUERBY
https://www.u2fzero.com/
87 2 Laurent GUERBY
88 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
89 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
90 51 Laurent GUERBY
91 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
92 52 Laurent GUERBY
93 52 Laurent GUERBY
94 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
95 39 Laurent GUERBY
https://oauth.net/
96 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
97 38 Laurent GUERBY
98 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
99 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
100 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
101 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
102 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
103 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
104 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
105 12 Laurent GUERBY
106 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
107 7 Laurent GUERBY
108 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
109 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
110 29 Laurent GUERBY
111 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
112 40 Laurent GUERBY
113 40 Laurent GUERBY
https://www.themooltipass.com/
114 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
115 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
116 24 Laurent GUERBY
117 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
118 2 Laurent GUERBY
119 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
120 16 Laurent GUERBY
121 15 Laurent GUERBY
https://portier.github.io/
122 15 Laurent GUERBY
123 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
124 2 Laurent GUERBY
https://sec2016.rmll.info//files/
125 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
126 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
127 48 Laurent GUERBY
  $130
128 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
129 4 Laurent GUERBY
130 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
131 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
132 5 Laurent GUERBY
133 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
134 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
135 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
136 5 Laurent GUERBY
https://fidoalliance.org/
137 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
138 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
139 8 Laurent GUERBY
140 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
141 9 Laurent GUERBY
142 9 Laurent GUERBY
143 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
144 9 Laurent GUERBY
Principe de fonctionnement OAuth2
145 10 Laurent GUERBY
146 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
147 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
148 11 Laurent GUERBY
149 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
150 11 Laurent GUERBY
https://github.com/LedgerHQ 
151 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
152 17 Laurent GUERBY
153 17 Laurent GUERBY
http://digiposte.fr
154 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
155 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
156 20 Laurent GUERBY
157 20 Laurent GUERBY
158 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
159 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
160 22 Laurent GUERBY
https://github.com/google/key-transparency
161 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
162 25 Laurent GUERBY
163 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
164 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
165 28 Laurent GUERBY
166 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
167 31 Laurent GUERBY
168 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
169 32 Laurent GUERBY
170 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
171 33 Matthieu Herrb
172 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
173 34 Laurent GUERBY
http://sshkeybox.com/
174 34 Laurent GUERBY
175 42 Laurent GUERBY
https://github.com/lipp/login-with
176 42 Laurent GUERBY
177 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
178 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
179 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
180 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
181 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
182 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
183 43 Laurent GUERBY
184 25 Laurent GUERBY
h2. Passwords
185 25 Laurent GUERBY
186 26 Guilhem Saurel
https://www.passwordstore.org/
187 25 Laurent GUERBY
https://keepassxreboot.github.io/project
188 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers