Gunther · @gunther
149 followers · 1043 posts · Server fosstodon.org

It's pretty crazy that Facebook has / support but my banking app doesn't.

#yubikey #fido2

Last updated 1 year ago

Marcel SIneM(S)US · @simsus
222 followers · 5536 posts · Server social.tchncs.de
Gigs :verified: · @beltragigs
29 followers · 41 posts · Server swiss.social

Heute von unserem IAM Chef zwei Sticks bekommen. Hab gleich mal mein iPhone mit abgesichert. Nur Windows 11 tut noch bucklig. meint, der Key gehöre nicht zur Familie, obwohl die PIN korrekt ist. Hmmm?

#Yubikey #fido2 #hello

Last updated 1 year ago

Marcel SIneM(S)US · @simsus
217 followers · 5295 posts · Server social.tchncs.de

Quantencomputer-resistent: Google veröffentlicht sicherere -Implementierung | heise online heise.de/news/Google-veroeffen

#fido2

Last updated 1 year ago

Rob · @rollin_rob
55 followers · 386 posts · Server social.linux.pizza

If I use my for passwordless login with services like Google or Nextcloud and someone steals my Yubikey, are they able to just log in to those services with it?

#yubikey #fido2 #askfedi

Last updated 1 year ago

bertrand 🏃 👨‍💻 🎸 · @bertrand
187 followers · 1146 posts · Server piaille.fr

@eingfoan nfc reader plugged through USB. No drivers required. Not coupled with physical access at the time.
I've heard of another manufacturing company deploying 3 technologies badges ( through contact, contactless for physical access, enabled for future use)

#pki #mifare #fido2

Last updated 1 year ago

bertrand 🏃 👨‍💻 🎸 · @bertrand
187 followers · 1146 posts · Server piaille.fr

@eingfoan did a POC with Neowave cards that went live afterwards. Main target population was warehouse workers on shared workstations. Worked like a charm 👌
neowave.fr/en/products/fido-ra

#fido #webauthn #pki #security #2fa #fido2 #nostick #contactless

Last updated 1 year ago

ottoto · @ottoto2017
126 followers · 1847 posts · Server prattohome.com

が初の のある セキュリティ キーの実装を導入 」: The Hacker News

は 、 で書かれたセキュリティ キーのオープンソース実装であり、FIDO U2F と FIDO2 標準の両方をサポートします。 」

thehackernews.com/2023/08/goog

#google #量子復元力 #fido2 #opensk #rust #prattohome #thehackernews

Last updated 1 year ago

Mark Carter · @markcarter
369 followers · 1943 posts · Server hachyderm.io
IT News · @itnewsbot
3602 followers · 269892 posts · Server schleuss.online

How fame-seeking teenagers hacked some of the world’s biggest targets - Enlarge (credit: Getty Images)

A ragtag bunch of amateur hacke... - arstechnica.com/?p=1960309 $

#mfa #fido2 #biz #lapsus #security #homelandsecuritydepartment

Last updated 1 year ago

Tech news from Canada · @TechNews
932 followers · 24874 posts · Server mastodon.roitsystems.ca
Karl Voit :emacs: :orgmode: · @publicvoit
2143 followers · 16211 posts · Server graz.social

@frank @keno3003 Du meinst Resident Keys: duo.com/labs/tech-notes/reside

AFAIK brauchst du die nur für aber nicht für Standard . Mein hat 50 slots für Resident Keys, manche nur 25.

Du kannst aber unendlich viele FIDO2 Services mit einem Token betreiben. Noch ein Vorteil von FIDO2 HW-Token.

HTH

#passkeys #fido2 #solokeys #yubikeys

Last updated 1 year ago

Karl Voit :emacs: :orgmode: · @publicvoit
2140 followers · 16194 posts · Server graz.social

@keno3003 Ja, hat Vorteile, wenn man den Großkonzernen absolut vertraut und sonst nur schwache Passwörter generiert, keine verwendet und mit tatsächlich überfordert ist.

IMHO ist es also besser, man lernt, wie man gute generiert und damit umgeht + aktiviert 2FA, wo man selber das Geheimnis verwaltet und kein Konzern.

karl-voit.at/2023/03/05/Passwo

#passkeys #2fa #fido2 #passworter

Last updated 1 year ago

Karl Voit :emacs: :orgmode: · @publicvoit
2139 followers · 16192 posts · Server graz.social

@keno3003 Sorry aber euer -Werbevideo klingt nach Lobbying für Großkonzerne.

Passkeys hat mit dem Wegfallen des Secrets im Vergleich zu eine deutlich geringere Vertrauenswürdigkeit. Passkeys wäre nur dann sicherer, wenn man den Betreibern wie , , absolut vertraut, dass die mein Secret ordentlich handhaben. Aktuellstes Beispiel ist Microsoft mit dem Verteilen von Generalschlüsseln zur . 😔

Sorry, normale 2FA ist somit sicherer als Passkeys.

#passkeys #fido2 #apple #google #microsoft #cloud

Last updated 1 year ago

Naty · @eclecticpassions
10 followers · 80 posts · Server fosstodon.org

So apparently, according to Yubico's CS, they accidentally placed a "normal", no-barcode Security Key into an "Enterprise Edition" packaging and told me not worry about it. They advised me to reset the key with ykman if I was still worried.

#yubikey #yubikeys #yubico #onlinesecurity #cybersecurity #hardwarekey #securitykeys #fido2

Last updated 1 year ago

bertrand 🏃 👨‍💻 🎸 · @bertrand
185 followers · 1084 posts · Server piaille.fr

@jesterchen @tulpa

True, that's why I don't do that. I use whenever I can and fallback to app (separate from browser's password manager) when I don't have a choice

#fido2 #totp

Last updated 1 year ago

bertrand 🏃 👨‍💻 🎸 · @bertrand
185 followers · 1084 posts · Server piaille.fr

@tulpa Good points.

It's still a slightly different threat model than a password since you'll lose it rather than forget it (or it'll be stolen rather than shoulder-surfed)

#InfoSec #totp #fido2 #u2f

Last updated 1 year ago

tulpa · @tulpa
524 followers · 486 posts · Server fosstodon.org

Since I'm talking about today, I'll give my unpopular opinion: is worthless, unless you have really bad password practices.

The seed is just another secret number. One which can't even be stored as a hash on the service end, because the service needs it to calculate the code.

It can be phished without too much trouble.

It's more likely to lock you out when you lose it, than stop bad guys.

Use / or go home.

#infosec #totp #fido2 #u2f

Last updated 1 year ago

Sebin Nyshkim :drgn_happy: · @SebinNyshkim
527 followers · 4046 posts · Server meow.social

My V2 arrived today

Time to get nerdy with it 🤩

#solokeys #fido2 #webauthn #linux #luks

Last updated 1 year ago

Sebin Nyshkim :drgn_happy: · @SebinNyshkim
485 followers · 3793 posts · Server meow.social

Just got notified my V2 I backed in 2021 are arriving this week 🤩

I’ll finally be able to do all the nerdy things with , , sudo, and again

#solokeys #linux #luks #fido2 #webauthn

Last updated 1 year ago