Projet

Général

Profil

Authentification » Historique » Version 66

Laurent GUERBY, 17/01/2018 00:12

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 60 Laurent GUERBY
https://lwn.net/Articles/736231/
19 60 Laurent GUERBY
A comparison of cryptographic keycards
20 60 Laurent GUERBY
21 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
22 63 Laurent GUERBY
23 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
24 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
25 61 Laurent GUERBY
26 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
27 61 Laurent GUERBY
28 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
29 65 Laurent GUERBY
30 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
31 56 Laurent GUERBY
32 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
33 59 Laurent GUERBY
34 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
35 48 Laurent GUERBY
$39 kicad design
36 1 Laurent GUERBY
37 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
38 64 Laurent GUERBY
39 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
40 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
41 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
42 57 Laurent GUERBY
43 57 Laurent GUERBY
44 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
45 48 Laurent GUERBY
   $50 middle USB in out
46 48 Laurent GUERBY
   pas vraiment de design file dispo ?
47 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
48 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
49 48 Laurent GUERBY
   
50 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
51 49 Laurent GUERBY
https://github.com/ory/hydra
52 49 Laurent GUERBY
   Oauth2 high performance
53 48 Laurent GUERBY
54 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
55 53 Laurent GUERBY
  The Open Web Application Security Project
56 53 Laurent GUERBY
57 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
58 1 Laurent GUERBY
U2F Zero
59 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
60 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
61 36 Laurent GUERBY
https://www.u2fzero.com/
62 2 Laurent GUERBY
63 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
64 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
65 51 Laurent GUERBY
66 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
67 52 Laurent GUERBY
68 52 Laurent GUERBY
69 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
70 39 Laurent GUERBY
https://oauth.net/
71 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
72 38 Laurent GUERBY
73 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
74 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
75 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
76 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
77 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
78 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
79 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
80 12 Laurent GUERBY
81 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
82 7 Laurent GUERBY
83 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
84 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
85 29 Laurent GUERBY
86 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
87 40 Laurent GUERBY
88 40 Laurent GUERBY
https://www.themooltipass.com/
89 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
90 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
91 24 Laurent GUERBY
92 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
93 2 Laurent GUERBY
94 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
95 16 Laurent GUERBY
96 15 Laurent GUERBY
https://portier.github.io/
97 15 Laurent GUERBY
98 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
99 2 Laurent GUERBY
https://sec2016.rmll.info//files/
100 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
101 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
102 48 Laurent GUERBY
  $130
103 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
104 4 Laurent GUERBY
105 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
106 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
107 5 Laurent GUERBY
108 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
109 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
110 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
111 5 Laurent GUERBY
https://fidoalliance.org/
112 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
113 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
114 8 Laurent GUERBY
115 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
116 9 Laurent GUERBY
117 9 Laurent GUERBY
118 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
119 9 Laurent GUERBY
Principe de fonctionnement OAuth2
120 10 Laurent GUERBY
121 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
122 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
123 11 Laurent GUERBY
124 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
125 11 Laurent GUERBY
https://github.com/LedgerHQ 
126 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
127 17 Laurent GUERBY
128 17 Laurent GUERBY
http://digiposte.fr
129 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
130 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
131 20 Laurent GUERBY
132 20 Laurent GUERBY
133 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
134 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
135 22 Laurent GUERBY
https://github.com/google/key-transparency
136 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
137 25 Laurent GUERBY
138 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
139 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
140 28 Laurent GUERBY
141 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
142 31 Laurent GUERBY
143 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
144 32 Laurent GUERBY
145 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
146 33 Matthieu Herrb
147 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
148 34 Laurent GUERBY
http://sshkeybox.com/
149 34 Laurent GUERBY
150 42 Laurent GUERBY
https://github.com/lipp/login-with
151 42 Laurent GUERBY
152 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
153 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
154 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
155 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
156 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
157 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
158 43 Laurent GUERBY
159 25 Laurent GUERBY
h2. Passwords
160 25 Laurent GUERBY
161 26 Guilhem Saurel
https://www.passwordstore.org/
162 25 Laurent GUERBY
https://keepassxreboot.github.io/project
163 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers