Projet

Général

Profil

Authentification » Historique » Version 21

Version 20 (Laurent GUERBY, 12/01/2017 14:22) → Version 21/82 (Laurent GUERBY, 13/01/2017 10:40)

{{>toc}}

h1. Authentification

https://en.wikipedia.org/wiki/YubiKey

https://github.com/conorpp/u2f-zero
U2F Zero
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.

http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
https://en.wikipedia.org/wiki/Universal_2nd_Factor
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
https://github.com/ruimarinho/yubikey-handbook

http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/

https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM

https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop

https://portier.github.io/

https://sec2016.rmll.info/programme/#usb-armory
https://sec2016.rmll.info//files/
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf

http://keithp.com/blogs/chaoskey/
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm

http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
https://fidoalliance.org/
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
https://www.ledgerwallet.com/products/12-ledger-nano-s

https://www.entrouvert.com/fr/identite-numerique/authentic-2/

https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
Principe de fonctionnement OAuth2

http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
https://blog.filippo.io/giving-up-on-long-term-pgp/

https://www.ledgerwallet.com/products/12-ledger-nano-s
https://github.com/LedgerHQ
https://www.ledgerwallet.com/products/9-ledger-blue

http://digiposte.fr
edf, gdf, impots, assurances en auto via un id (?)
tu peux récupérer un zip des dossiers

https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
https://cloud.google.com/security/security-design/