Projet

Général

Profil

Authentification » Historique » Version 61

Laurent GUERBY, 07/12/2017 18:37

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
10 54 Laurent GUERBY
11 55 Laurent GUERBY
https://lwn.net/Articles/734767/
12 55 Laurent GUERBY
Strategies for offline PGP key storage
13 55 Laurent GUERBY
14 60 Laurent GUERBY
https://lwn.net/Articles/736231/
15 60 Laurent GUERBY
A comparison of cryptographic keycards
16 60 Laurent GUERBY
17 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
18 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
19 61 Laurent GUERBY
20 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
21 61 Laurent GUERBY
22 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
23 56 Laurent GUERBY
24 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
25 59 Laurent GUERBY
26 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
27 48 Laurent GUERBY
$39 kicad design
28 1 Laurent GUERBY
29 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
30 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
31 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
32 57 Laurent GUERBY
33 57 Laurent GUERBY
34 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
35 48 Laurent GUERBY
   $50 middle USB in out
36 48 Laurent GUERBY
   pas vraiment de design file dispo ?
37 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
38 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
39 48 Laurent GUERBY
   
40 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
41 49 Laurent GUERBY
https://github.com/ory/hydra
42 49 Laurent GUERBY
   Oauth2 high performance
43 48 Laurent GUERBY
44 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
45 53 Laurent GUERBY
  The Open Web Application Security Project
46 53 Laurent GUERBY
47 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
48 1 Laurent GUERBY
U2F Zero
49 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
50 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
51 36 Laurent GUERBY
https://www.u2fzero.com/
52 2 Laurent GUERBY
53 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
54 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
55 51 Laurent GUERBY
56 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
57 52 Laurent GUERBY
58 52 Laurent GUERBY
59 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
60 39 Laurent GUERBY
https://oauth.net/
61 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
62 38 Laurent GUERBY
63 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
64 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
65 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
66 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
67 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
68 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
69 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
70 12 Laurent GUERBY
71 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
72 7 Laurent GUERBY
73 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
74 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
75 29 Laurent GUERBY
76 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
77 40 Laurent GUERBY
78 40 Laurent GUERBY
https://www.themooltipass.com/
79 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
80 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
81 24 Laurent GUERBY
82 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
83 2 Laurent GUERBY
84 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
85 16 Laurent GUERBY
86 15 Laurent GUERBY
https://portier.github.io/
87 15 Laurent GUERBY
88 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
89 2 Laurent GUERBY
https://sec2016.rmll.info//files/
90 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
91 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
92 48 Laurent GUERBY
  $130
93 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
94 4 Laurent GUERBY
95 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
96 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
97 5 Laurent GUERBY
98 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
99 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
100 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
101 5 Laurent GUERBY
https://fidoalliance.org/
102 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
103 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
104 8 Laurent GUERBY
105 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
106 9 Laurent GUERBY
107 9 Laurent GUERBY
108 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
109 9 Laurent GUERBY
Principe de fonctionnement OAuth2
110 10 Laurent GUERBY
111 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
112 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
113 11 Laurent GUERBY
114 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
115 11 Laurent GUERBY
https://github.com/LedgerHQ 
116 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
117 17 Laurent GUERBY
118 17 Laurent GUERBY
http://digiposte.fr
119 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
120 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
121 20 Laurent GUERBY
122 20 Laurent GUERBY
123 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
124 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
125 22 Laurent GUERBY
https://github.com/google/key-transparency
126 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
127 25 Laurent GUERBY
128 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
129 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
130 28 Laurent GUERBY
131 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
132 31 Laurent GUERBY
133 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
134 32 Laurent GUERBY
135 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
136 33 Matthieu Herrb
137 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
138 34 Laurent GUERBY
http://sshkeybox.com/
139 34 Laurent GUERBY
140 42 Laurent GUERBY
https://github.com/lipp/login-with
141 42 Laurent GUERBY
142 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
143 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
144 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
145 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
146 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
147 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
148 43 Laurent GUERBY
149 25 Laurent GUERBY
h2. Passwords
150 25 Laurent GUERBY
151 26 Guilhem Saurel
https://www.passwordstore.org/
152 25 Laurent GUERBY
https://keepassxreboot.github.io/project
153 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers