This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/members-discuss@ripe.net/
[members-discuss] two-factor authentication mandatory
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Oleksij Samorukov
samm at net-art.cz
Thu Jan 11 14:55:32 CET 2024
On 2024/01/11 14:48, Mark Janssen via members-discuss wrote: > On Thu, 2024-01-11 at 14:35 +0100, Mike B wrote: >> My rational for this is that some organisations do not allow phones >> within the office, nor have any Apps available to install on their >> systems. Perhaps a more generic scenario is if a phone is out of >> battery. I'm sure you can appreciate while I am in favour of MFA I >> think this must be in a different format. > > TOTP can be done without phones or phone apps... it just needs the > shared secret and a HMAC fucntion, this can be done via various > password-managers, simple python-scripts, your Ti-81 calculator or any > number of other methods. > > I would advise against any form of e-mail 2fa, as this really reduces > it to a single-factor (with password-resets via email). BTW, TOTP is supported by a recent Yubi key, so you can use it as a hardware token as well. But +1 for FIDO2 implementation, is a very popular standard with many implementations on the market. And it should be easy to implement on the backend/frondent side, implementation is very straightforward with many examples all-around. -- Oleksij Samorukov
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]