Projet

Général

Profil

Authentification » Historique » Version 63

Laurent GUERBY, 21/12/2017 15:17

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
10 54 Laurent GUERBY
11 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
12 62 Laurent GUERBY
13 55 Laurent GUERBY
https://lwn.net/Articles/734767/
14 55 Laurent GUERBY
Strategies for offline PGP key storage
15 55 Laurent GUERBY
16 60 Laurent GUERBY
https://lwn.net/Articles/736231/
17 60 Laurent GUERBY
A comparison of cryptographic keycards
18 60 Laurent GUERBY
19 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
20 63 Laurent GUERBY
21 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
22 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
23 61 Laurent GUERBY
24 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
25 61 Laurent GUERBY
26 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
27 56 Laurent GUERBY
28 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
29 59 Laurent GUERBY
30 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
31 48 Laurent GUERBY
$39 kicad design
32 1 Laurent GUERBY
33 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
34 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
35 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
36 57 Laurent GUERBY
37 57 Laurent GUERBY
38 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
39 48 Laurent GUERBY
   $50 middle USB in out
40 48 Laurent GUERBY
   pas vraiment de design file dispo ?
41 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
42 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
43 48 Laurent GUERBY
   
44 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
45 49 Laurent GUERBY
https://github.com/ory/hydra
46 49 Laurent GUERBY
   Oauth2 high performance
47 48 Laurent GUERBY
48 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
49 53 Laurent GUERBY
  The Open Web Application Security Project
50 53 Laurent GUERBY
51 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
52 1 Laurent GUERBY
U2F Zero
53 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
54 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
55 36 Laurent GUERBY
https://www.u2fzero.com/
56 2 Laurent GUERBY
57 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
58 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
59 51 Laurent GUERBY
60 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
61 52 Laurent GUERBY
62 52 Laurent GUERBY
63 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
64 39 Laurent GUERBY
https://oauth.net/
65 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
66 38 Laurent GUERBY
67 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
68 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
69 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
70 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
71 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
72 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
73 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
74 12 Laurent GUERBY
75 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
76 7 Laurent GUERBY
77 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
78 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
79 29 Laurent GUERBY
80 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
81 40 Laurent GUERBY
82 40 Laurent GUERBY
https://www.themooltipass.com/
83 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
84 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
85 24 Laurent GUERBY
86 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
87 2 Laurent GUERBY
88 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
89 16 Laurent GUERBY
90 15 Laurent GUERBY
https://portier.github.io/
91 15 Laurent GUERBY
92 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
93 2 Laurent GUERBY
https://sec2016.rmll.info//files/
94 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
95 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
96 48 Laurent GUERBY
  $130
97 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
98 4 Laurent GUERBY
99 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
100 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
101 5 Laurent GUERBY
102 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
103 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
104 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
105 5 Laurent GUERBY
https://fidoalliance.org/
106 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
107 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
108 8 Laurent GUERBY
109 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
110 9 Laurent GUERBY
111 9 Laurent GUERBY
112 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
113 9 Laurent GUERBY
Principe de fonctionnement OAuth2
114 10 Laurent GUERBY
115 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
116 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
117 11 Laurent GUERBY
118 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
119 11 Laurent GUERBY
https://github.com/LedgerHQ 
120 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
121 17 Laurent GUERBY
122 17 Laurent GUERBY
http://digiposte.fr
123 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
124 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
125 20 Laurent GUERBY
126 20 Laurent GUERBY
127 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
128 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
129 22 Laurent GUERBY
https://github.com/google/key-transparency
130 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
131 25 Laurent GUERBY
132 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
133 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
134 28 Laurent GUERBY
135 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
136 31 Laurent GUERBY
137 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
138 32 Laurent GUERBY
139 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
140 33 Matthieu Herrb
141 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
142 34 Laurent GUERBY
http://sshkeybox.com/
143 34 Laurent GUERBY
144 42 Laurent GUERBY
https://github.com/lipp/login-with
145 42 Laurent GUERBY
146 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
147 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
148 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
149 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
150 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
151 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
152 43 Laurent GUERBY
153 25 Laurent GUERBY
h2. Passwords
154 25 Laurent GUERBY
155 26 Guilhem Saurel
https://www.passwordstore.org/
156 25 Laurent GUERBY
https://keepassxreboot.github.io/project
157 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers