Hackaday Prize 2023: Sleek Macro Pad Makes 2FA a Little Easier - We all know the drill when it comes to online security — something you know, and s... - https://hackaday.com/2023/06/20/hackaday-prize-2023-sleek-macro-pad-makes-2fa-a-little-easier/ #two-factorauthenication #2023hackadayprize #thehackadayprize #contests #cherrymx #esp32-s3 #feather #rfc6238 #usbhid #salt #totp #2fa #ntp #tft

#TIL #2fa
I've been cautious about time left before it expires to enter a #TOTP trying to make sure it would make it to the server and get authenticated before the timer bar in my #authenticator runs out. Then I noticed that even if I'm a little late it still works. So I got curious and started experimenting. Turned out it still works even when I'm late quite a bit. Then I found #RFC6238 which recommends the servers to accept expired tokens within a time window. How clever! Now you know too.

While Microsoft Authenticator removes support for Apple Watch, @bitwarden adds support for Apple Watch.

https://www.ghacks.net/2022/12/21/bitwarden-is-coming-to-apple-watch/

#authenticator #opensource #totp #rfc6238

While Microsoft Authenticator removes support for Apple Watch, @Bitwarden adds support for Apple Watch.

https://www.ghacks.net/2022/12/21/bitwarden-is-coming-to-apple-watch/

#authenticator #opensource #totp #rfc6238

@pink @IzzyOnDroid
"Push": Das klingt proprietär und fühlt sich für mich eh etwas gruselig an...

Solange aber ein "#TOTP: Time-Based One-Time Password Algorithm" gemäß #RFC6238 zum Einsatz kommt, sollte man das Verfahren mit jedem passenden Tool bestreiten können. Wozu gibt es offene Standards? 😉

https://datatracker.ietf.org/doc/html/rfc6238