Projet

Général

Profil

Authentification » Historique » Version 65

Laurent GUERBY, 05/01/2018 19:11

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
10 54 Laurent GUERBY
11 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
12 62 Laurent GUERBY
13 55 Laurent GUERBY
https://lwn.net/Articles/734767/
14 55 Laurent GUERBY
Strategies for offline PGP key storage
15 55 Laurent GUERBY
16 60 Laurent GUERBY
https://lwn.net/Articles/736231/
17 60 Laurent GUERBY
A comparison of cryptographic keycards
18 60 Laurent GUERBY
19 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
20 63 Laurent GUERBY
21 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
22 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
23 61 Laurent GUERBY
24 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
25 61 Laurent GUERBY
26 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
27 65 Laurent GUERBY
28 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
29 56 Laurent GUERBY
30 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
31 59 Laurent GUERBY
32 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
33 48 Laurent GUERBY
$39 kicad design
34 1 Laurent GUERBY
35 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
36 64 Laurent GUERBY
37 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
38 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
39 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
40 57 Laurent GUERBY
41 57 Laurent GUERBY
42 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
43 48 Laurent GUERBY
   $50 middle USB in out
44 48 Laurent GUERBY
   pas vraiment de design file dispo ?
45 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
46 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
47 48 Laurent GUERBY
   
48 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
49 49 Laurent GUERBY
https://github.com/ory/hydra
50 49 Laurent GUERBY
   Oauth2 high performance
51 48 Laurent GUERBY
52 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
53 53 Laurent GUERBY
  The Open Web Application Security Project
54 53 Laurent GUERBY
55 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
56 1 Laurent GUERBY
U2F Zero
57 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
58 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
59 36 Laurent GUERBY
https://www.u2fzero.com/
60 2 Laurent GUERBY
61 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
62 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
63 51 Laurent GUERBY
64 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
65 52 Laurent GUERBY
66 52 Laurent GUERBY
67 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
68 39 Laurent GUERBY
https://oauth.net/
69 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
70 38 Laurent GUERBY
71 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
72 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
73 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
74 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
75 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
76 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
77 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
78 12 Laurent GUERBY
79 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
80 7 Laurent GUERBY
81 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
82 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
83 29 Laurent GUERBY
84 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
85 40 Laurent GUERBY
86 40 Laurent GUERBY
https://www.themooltipass.com/
87 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
88 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
89 24 Laurent GUERBY
90 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
91 2 Laurent GUERBY
92 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
93 16 Laurent GUERBY
94 15 Laurent GUERBY
https://portier.github.io/
95 15 Laurent GUERBY
96 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
97 2 Laurent GUERBY
https://sec2016.rmll.info//files/
98 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
99 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
100 48 Laurent GUERBY
  $130
101 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
102 4 Laurent GUERBY
103 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
104 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
105 5 Laurent GUERBY
106 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
107 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
108 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
109 5 Laurent GUERBY
https://fidoalliance.org/
110 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
111 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
112 8 Laurent GUERBY
113 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
114 9 Laurent GUERBY
115 9 Laurent GUERBY
116 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
117 9 Laurent GUERBY
Principe de fonctionnement OAuth2
118 10 Laurent GUERBY
119 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
120 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
121 11 Laurent GUERBY
122 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
123 11 Laurent GUERBY
https://github.com/LedgerHQ 
124 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
125 17 Laurent GUERBY
126 17 Laurent GUERBY
http://digiposte.fr
127 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
128 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
129 20 Laurent GUERBY
130 20 Laurent GUERBY
131 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
132 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
133 22 Laurent GUERBY
https://github.com/google/key-transparency
134 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
135 25 Laurent GUERBY
136 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
137 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
138 28 Laurent GUERBY
139 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
140 31 Laurent GUERBY
141 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
142 32 Laurent GUERBY
143 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
144 33 Matthieu Herrb
145 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
146 34 Laurent GUERBY
http://sshkeybox.com/
147 34 Laurent GUERBY
148 42 Laurent GUERBY
https://github.com/lipp/login-with
149 42 Laurent GUERBY
150 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
151 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
152 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
153 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
154 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
155 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
156 43 Laurent GUERBY
157 25 Laurent GUERBY
h2. Passwords
158 25 Laurent GUERBY
159 26 Guilhem Saurel
https://www.passwordstore.org/
160 25 Laurent GUERBY
https://keepassxreboot.github.io/project
161 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers