#PayPal has "detected unusual activity" on my account and forces me to set a new #password.
I enter a new password and PayPal complains that it can't be longer than 20 characters.
Short passwords would be less of an issue if they had a sane #2fa system where one could register more than one #fido2 token.
What does their security team do for a living?
Newbie question: what is the best #mfa #authentication method for #offline networks? I am playing around with a lab environment where I want good MFA inside but don't want it to connect to the internet. My current point of view is: I cannot place #Fido there since it "needs" internet in many ways... right? My current way of thinking is that I build a PKI into this network and use it with a #yubikey acting as a smartcard, but not #u2f or #fido2. Am I wrong? Are there better options?
So after my question the other day I did some more reading up on passkeys. I have written up my findings on my blog, if anyone is interested. #PassKyes #FIDO2 #WebAuthN
Learn how hardware security tokens featuring the standards #FIDO2 and FIDO U2F can be used manufacturer-independently with standard tools in #Fedora #Linux. The article shows how to register keys, activate them as a factor to log in on the terminal and in #GNOME, and authenticate when using #sudo.
The following articles in this series will cover #OpenSSH 8.2+ usage for SSH key management and how to use the key as a factor to decrypt #LUKS partitions. Stay tuned!
I'm currently writing an article about FIDO2 / U2F security keys such as SoloKey2, YubiKey5 or NitroKey3.
It will cover how these keys can be set up with standard tools and used for login on Linux or with OpenSSH (using Fedora Linux as the example). Maybe I'll include LUKS decryption right away as well, otherwise that will follow later.
Do you have any particular interests or questions that I should pay special attention to?