Projet

Général

Profil

Authentification » Historique » Version 67

Laurent GUERBY, 24/01/2018 21:24

1 1 Laurent GUERBY
{{>toc}}
2 1 Laurent GUERBY
3 1 Laurent GUERBY
h1. Authentification
4 1 Laurent GUERBY
5 25 Laurent GUERBY
h2. Liens
6 25 Laurent GUERBY
7 3 Laurent GUERBY
https://en.wikipedia.org/wiki/YubiKey
8 1 Laurent GUERBY
9 66 Laurent GUERBY
https://0day.work/using-a-yubikey-for-gpg-and-ssh/
10 66 Laurent GUERBY
11 54 Laurent GUERBY
https://tech.slashdot.org/story/17/10/01/2130249/google-plans-upgrade-of-two-factor-authentication-for-politicians-and-ceos
12 54 Laurent GUERBY
13 62 Laurent GUERBY
https://www.evilsocket.net/2017/12/07/DIY-Portable-Secrets-Manager-with-a-RPI-Zero-and-the-ARC-Project/
14 62 Laurent GUERBY
15 55 Laurent GUERBY
https://lwn.net/Articles/734767/
16 55 Laurent GUERBY
Strategies for offline PGP key storage
17 55 Laurent GUERBY
18 67 Laurent GUERBY
https://www.crowdsupply.com/sutajio-kosagi/tomu
19 67 Laurent GUERBY
20 60 Laurent GUERBY
https://lwn.net/Articles/736231/
21 60 Laurent GUERBY
A comparison of cryptographic keycards
22 60 Laurent GUERBY
23 63 Laurent GUERBY
https://hackaday.com/2017/12/14/using-gmail-with-oauth2-in-linux-and-on-an-esp8266/
24 63 Laurent GUERBY
25 61 Laurent GUERBY
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
26 61 Laurent GUERBY
Testing Security Keys (08 Oct 2017)
27 61 Laurent GUERBY
28 61 Laurent GUERBY
https://github.com/hillbrad/U2FReviews#u2freviews
29 61 Laurent GUERBY
30 65 Laurent GUERBY
https://hackaday.com/2018/01/04/two-factor-authentication-with-the-esp8266/
31 65 Laurent GUERBY
32 56 Laurent GUERBY
https://hackaday.com/2017/10/16/inside-two-factor-authentication-apps
33 56 Laurent GUERBY
34 59 Laurent GUERBY
https://www.nextinpact.com/brief/protonmail-proposera-sa-propre-cle-de-securite-u2f-789.htm
35 59 Laurent GUERBY
36 47 Laurent GUERBY
https://www.crowdsupply.com/nth-dimension/signet
37 48 Laurent GUERBY
$39 kicad design
38 1 Laurent GUERBY
39 64 Laurent GUERBY
https://www.libre-parcours.net/post/comment-je-gere-mes-mots-de-passe/
40 64 Laurent GUERBY
41 57 Laurent GUERBY
https://protonmail.com/blog/encrypted_email_authentication/
42 57 Laurent GUERBY
https://tools.ietf.org/html/rfc2945
43 58 Laurent GUERBY
   The SRP Authentication and Key Exchange System Secure Remote Password (SRP)
44 57 Laurent GUERBY
45 57 Laurent GUERBY
46 48 Laurent GUERBY
https://www.crowdsupply.com/third-pin/pastilda
47 48 Laurent GUERBY
   $50 middle USB in out
48 48 Laurent GUERBY
   pas vraiment de design file dispo ?
49 48 Laurent GUERBY
   https://bitbucket.org/thirdpin_team/pastilda
50 48 Laurent GUERBY
   old https://github.com/thirdpin/pastilda
51 48 Laurent GUERBY
   
52 50 Laurent GUERBY
https://www.ory.am/run-oauth2-server-open-source-api-security.html
53 49 Laurent GUERBY
https://github.com/ory/hydra
54 49 Laurent GUERBY
   Oauth2 high performance
55 48 Laurent GUERBY
56 53 Laurent GUERBY
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
57 53 Laurent GUERBY
  The Open Web Application Security Project
58 53 Laurent GUERBY
59 1 Laurent GUERBY
https://github.com/conorpp/u2f-zero
60 1 Laurent GUERBY
U2F Zero
61 1 Laurent GUERBY
U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F.
62 23 Laurent GUERBY
http://hackaday.com/2017/01/17/shmoocon-2017-the-ins-and-outs-of-manufacturing-and-selling-hardware/
63 36 Laurent GUERBY
https://www.u2fzero.com/
64 2 Laurent GUERBY
65 51 Laurent GUERBY
https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi
66 51 Laurent GUERBY
Do I really need to bother with Google's 2-Step Verification system? I don't need more hassle and my passwords are pretty good.
67 51 Laurent GUERBY
68 52 Laurent GUERBY
https://lauren.vortex.com/2017/06/10/google-users-who-want-to-use-2-factor-protections-but-dont-understand-how
69 52 Laurent GUERBY
70 52 Laurent GUERBY
71 38 Laurent GUERBY
https://it.slashdot.org/story/17/05/04/218210/google-was-warned-about-this-weeks-mass-phishing-email-attack-six-years-ago
72 39 Laurent GUERBY
https://oauth.net/
73 41 Laurent GUERBY
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
74 38 Laurent GUERBY
75 12 Laurent GUERBY
http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/
76 12 Laurent GUERBY
https://en.wikipedia.org/wiki/Universal_2nd_Factor
77 13 Laurent GUERBY
https://it.slashdot.org/story/16/12/24/0037256/u2f-security-keys-may-be-the-worlds-best-hope-against-account-takeovers
78 13 Laurent GUERBY
https://shop.nitrokey.com/shop/product/nitrokey-u2f-5
79 13 Laurent GUERBY
https://homepages.laas.fr/matthieu/talks/token-capitoul.pdf
80 14 Matthieu Herrb
https://github.com/ruimarinho/yubikey-handbook
81 37 Matthieu Herrb
https://research.kudelskisecurity.com/2017/04/28/configuring-yubikey-for-gpg-and-u2f/
82 12 Laurent GUERBY
83 7 Laurent GUERBY
http://hackaday.com/2016/09/29/taking-a-u2f-hardware-key-from-design-to-production/
84 7 Laurent GUERBY
85 1 Laurent GUERBY
https://m.nextinpact.com/news/102201-clefs-gpg-comment-stocker-et-utiliser-via-clef-usb-openpgp-card.htm
86 30 Guilhem Saurel
https://www.palkeo.com/sys/yubikey.html
87 29 Laurent GUERBY
88 24 Laurent GUERBY
http://www.limpkin.fr/index.php?post/2017/01/13/A-Mass-Programming-Bench-for-ATMega32u4-MCUs
89 40 Laurent GUERBY
90 40 Laurent GUERBY
https://www.themooltipass.com/
91 24 Laurent GUERBY
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
92 24 Laurent GUERBY
https://www.kickstarter.com/projects/limpkin/mooltipass-mini-your-passwords-on-the-go
93 24 Laurent GUERBY
94 2 Laurent GUERBY
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#SSH_Keys_with_the_HSM
95 2 Laurent GUERBY
96 16 Laurent GUERBY
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
97 16 Laurent GUERBY
98 15 Laurent GUERBY
https://portier.github.io/
99 15 Laurent GUERBY
100 2 Laurent GUERBY
https://sec2016.rmll.info/programme/#usb-armory
101 2 Laurent GUERBY
https://sec2016.rmll.info//files/
102 1 Laurent GUERBY
https://sec2016.rmll.info//files/20160704-02-Barisani-forging_the_usb_armory.pdf
103 48 Laurent GUERBY
https://www.crowdsupply.com/inverse-path/usb-armory
104 48 Laurent GUERBY
  $130
105 48 Laurent GUERBY
  kicad https://github.com/inversepath/usbarmory/tree/master/hardware
106 4 Laurent GUERBY
107 4 Laurent GUERBY
http://keithp.com/blogs/chaoskey/
108 4 Laurent GUERBY
http://saimei.acc.umu.se/pub/debian-meetings/2016/debconf16/Chaoskey_A_Hardware_Random_Number_Generator_for_Everyone.webm
109 5 Laurent GUERBY
110 5 Laurent GUERBY
http://www.nextinpact.com/news/100871-choisir-bon-mot-passe-regles-a-connaitre-pieges-a-eviter.htm
111 5 Laurent GUERBY
http://www.nextinpact.com/news/96167-u2f-double-authentification-par-clef-usb-se-repand-et-debarque-dans-dropbox.htm
112 6 Laurent GUERBY
https://forum.nextinpact.com/topic/157193-bien-g%C3%A9rer-ses-mots-de-passe/
113 5 Laurent GUERBY
https://fidoalliance.org/
114 18 Laurent GUERBY
https://blog.adafruit.com/2017/01/04/new-product-fido-u2f-security-key-u2f-usb-two-step-authentication-security/
115 19 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s
116 8 Laurent GUERBY
117 8 Laurent GUERBY
https://www.entrouvert.com/fr/identite-numerique/authentic-2/
118 9 Laurent GUERBY
119 9 Laurent GUERBY
120 9 Laurent GUERBY
https://indico.mathrice.fr/event/27/contribution/13/material/slides/0.pdf
121 9 Laurent GUERBY
Principe de fonctionnement OAuth2
122 10 Laurent GUERBY
123 10 Laurent GUERBY
http://blog.hansenpartnership.com/using-your-tpm-as-a-secure-key-store/
124 10 Laurent GUERBY
https://blog.filippo.io/giving-up-on-long-term-pgp/
125 11 Laurent GUERBY
126 11 Laurent GUERBY
https://www.ledgerwallet.com/products/12-ledger-nano-s 
127 11 Laurent GUERBY
https://github.com/LedgerHQ 
128 11 Laurent GUERBY
https://www.ledgerwallet.com/products/9-ledger-blue
129 17 Laurent GUERBY
130 17 Laurent GUERBY
http://digiposte.fr
131 17 Laurent GUERBY
edf, gdf, impots, assurances en auto via un id (?)
132 17 Laurent GUERBY
tu peux récupérer un zip des dossiers
133 20 Laurent GUERBY
134 20 Laurent GUERBY
135 20 Laurent GUERBY
https://lauren.vortex.com/2017/01/05/biting-the-bullet-its-time-to-require-2-factor-verified-logins
136 21 Laurent GUERBY
https://cloud.google.com/security/security-design/
137 22 Laurent GUERBY
https://github.com/google/key-transparency
138 27 Laurent GUERBY
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
139 25 Laurent GUERBY
140 28 Laurent GUERBY
https://tech.slashdot.org/story/17/01/30/2023249/facebooks-new-tool-looks-to-replace-traditional-two-factor-authentication
141 28 Laurent GUERBY
https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267
142 28 Laurent GUERBY
143 31 Laurent GUERBY
https://keybase.io/blog/keybase-chat
144 31 Laurent GUERBY
145 32 Laurent GUERBY
https://arstechnica.com/gadgets/2017/02/no-key-no-login-g-suite-admins-can-now-make-fido-security-keys-mandatory/
146 32 Laurent GUERBY
147 33 Matthieu Herrb
https://chown.me/blog/my-recent-journey-with-2FA.html
148 33 Matthieu Herrb
149 34 Laurent GUERBY
https://korben.info/keybox-console-centraliser-vos-acces-ssh.html
150 34 Laurent GUERBY
http://sshkeybox.com/
151 34 Laurent GUERBY
152 42 Laurent GUERBY
https://github.com/lipp/login-with
153 42 Laurent GUERBY
154 43 Laurent GUERBY
https://blog.plan99.net/building-account-systems-f790bf5fdbe0
155 43 Laurent GUERBY
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
156 44 Laurent GUERBY
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/
157 45 Laurent GUERBY
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
158 45 Laurent GUERBY
https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
159 46 Laurent GUERBY
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
160 43 Laurent GUERBY
161 25 Laurent GUERBY
h2. Passwords
162 25 Laurent GUERBY
163 26 Guilhem Saurel
https://www.passwordstore.org/
164 25 Laurent GUERBY
https://keepassxreboot.github.io/project
165 35 Laurent GUERBY
https://ask.slashdot.org/story/17/03/08/212244/ask-slashdot-should-you-use-password-managers