Projet

Général

Profil

Authentification » Historique » Version 60

Laurent GUERBY, 19/11/2017 12:59

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
10 54 Laurent GUERBY
11 55 Laurent GUERBY
https://lwn.net/Articles/734767/
12 55 Laurent GUERBY
Strategies for offline PGP key storage
13 55 Laurent GUERBY
14 60 Laurent GUERBY
https://lwn.net/Articles/736231/
15 60 Laurent GUERBY
A comparison of cryptographic keycards
16 60 Laurent GUERBY
17 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
18 56 Laurent GUERBY
19 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
20 59 Laurent GUERBY
21 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
22 48 Laurent GUERBY
$39 kicad design
23 1 Laurent GUERBY
24 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
25 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
26 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
27 57 Laurent GUERBY
28 57 Laurent GUERBY
29 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
30 48 Laurent GUERBY
   $50 middle USB in out
31 48 Laurent GUERBY
   pas vraiment de design file dispo ?
32 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
33 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
34 48 Laurent GUERBY
   
35 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
36 49 Laurent GUERBY
https://github.com/ory/hydra
37 49 Laurent GUERBY
   Oauth2 high performance
38 48 Laurent GUERBY
39 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
40 53 Laurent GUERBY
  The Open Web Application Security Project
41 53 Laurent GUERBY
42 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
43 1 Laurent GUERBY
U2F Zero
44 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
45 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
46 36 Laurent GUERBY
https://www.u2fzero.com/
47 2 Laurent GUERBY
48 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
49 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
50 51 Laurent GUERBY
51 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
52 52 Laurent GUERBY
53 52 Laurent GUERBY
54 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
55 39 Laurent GUERBY
https://oauth.net/
56 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
57 38 Laurent GUERBY
58 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
59 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
60 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
61 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
62 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
63 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
64 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
65 12 Laurent GUERBY
66 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
67 7 Laurent GUERBY
68 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
69 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
70 29 Laurent GUERBY
71 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
72 40 Laurent GUERBY
73 40 Laurent GUERBY
https://www.themooltipass.com/
74 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
75 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
76 24 Laurent GUERBY
77 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
78 2 Laurent GUERBY
79 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
80 16 Laurent GUERBY
81 15 Laurent GUERBY
https://portier.github.io/
82 15 Laurent GUERBY
83 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
84 2 Laurent GUERBY
https://sec2016.rmll.info//files/
85 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
86 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
87 48 Laurent GUERBY
  $130
88 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
89 4 Laurent GUERBY
90 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
91 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
92 5 Laurent GUERBY
93 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
94 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
95 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
96 5 Laurent GUERBY
https://fidoalliance.org/
97 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
98 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
99 8 Laurent GUERBY
100 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
101 9 Laurent GUERBY
102 9 Laurent GUERBY
103 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
104 9 Laurent GUERBY
Principe de fonctionnement OAuth2
105 10 Laurent GUERBY
106 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
107 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
108 11 Laurent GUERBY
109 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
110 11 Laurent GUERBY
https://github.com/LedgerHQ 
111 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
112 17 Laurent GUERBY
113 17 Laurent GUERBY
http://digiposte.fr
114 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
115 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
116 20 Laurent GUERBY
117 20 Laurent GUERBY
118 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
119 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
120 22 Laurent GUERBY
https://github.com/google/key-transparency
121 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
122 25 Laurent GUERBY
123 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
124 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
125 28 Laurent GUERBY
126 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
127 31 Laurent GUERBY
128 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
129 32 Laurent GUERBY
130 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
131 33 Matthieu Herrb
132 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
133 34 Laurent GUERBY
http://sshkeybox.com/
134 34 Laurent GUERBY
135 42 Laurent GUERBY
https://github.com/lipp/login-with
136 42 Laurent GUERBY
137 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
138 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
139 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
140 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
141 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
142 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
143 43 Laurent GUERBY
144 25 Laurent GUERBY
h2. Passwords
145 25 Laurent GUERBY
146 26 Guilhem Saurel
https://www.passwordstore.org/
147 25 Laurent GUERBY
https://keepassxreboot.github.io/project
148 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers