<div dir="auto">Hi,</div><div dir="auto"><br></div><div dir="auto">+1 to Steffen’s idea.</div><div dir="auto"><br></div><div dir="auto">Also, a couple of questions... how can I find out if someone (attempts to) login with my SSO? </div><div dir="auto"><br></div><div dir="auto"><span style="border-color:rgb(0,0,0);color:rgb(0,0,0)">Can the RIPE NCC provide a page showing a list of last 5-10-100 (un)successful logins? </span><br></div><div dir="auto"><br></div><div dir="auto">How about e-mail notifications (with the IP address of the attacker) when a failed login attempt is made? </div><div dir="auto">Can I get an e-mail notification that someone has logged in, every time a successful login happens?<br></div><div dir="auto">- I’d like these to be opt-in</div><div dir="auto"><br></div><div dir="auto">Elvis </div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Feb 19, 2021 at 00:40 Steffen Weinreich <<a href="mailto:steffen.weinreich@mdex.de">steffen.weinreich@mdex.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)">Hi Ivo,<br>
<br>
Thanks for the heads up.<br>
<br>
It would be usefull if a LIR Admin user in the portal could see if "his"<br>
users have the 2FA enabled. That way I could encourage my colleagues<br>
without 2FA to enable.<br>
<br>
CC: to the members-discuss for feedback on the suggestion. <br>
<br>
mit freundlichen Grüßen<br>
<br>
Steffen Weinreich<br>
<br>
-- <br>
Wireless Logic mdex GmbH<br>
<a href="https://www.google.com/maps/search/B%C3%A4ckerbarg+6,+22889+Tangstedt,+Germany?entry=gmail&source=g">Bäckerbarg 6, 22889 Tangstedt, Germany</a><br>
<br>
Am 18.02.21 um 16:49 schrieb Ivo Dijkhuis:<br>
<br>
> Dear colleagues,<br>
><br>
> Last weekend, RIPE NCC Access, our single sign-on (SSO) service was<br>
> affected by what appears to be a deliberate ‘credential-stuffing’<br>
> attack, which caused some downtime. We mitigated the attack, and we are<br>
> now taking steps to ensure that our services are better protected<br>
> against such threats in the future.<br>
><br>
> Our preliminary investigations do not indicate that any SSO accounts<br>
> have been compromised. If we do find that an account has been affected<br>
> in the course of our investigations, we will contact the account holder<br>
> individually to inform them.<br>
><br>
> We would like to ask you to enable two-factor authentication on your<br>
> RIPE NCC Access account if you have not already done so to ensure that<br>
> your account is secure. In general, using two-factor authentication<br>
> across all your accounts can help limit your exposure to such attacks.<br>
><br>
> If you notice any suspicious activity in your RIPE NCC Access account,<br>
> please contact us immediately at <<a href="mailto:security@ripe.net" target="_blank">security@ripe.net</a>>.<br>
><br>
> Best regards,<br>
><br>
> Ivo Dijkhuis<br>
> Senior Information Security Officer,<br>
> RIPE NCC<br>
><br>
<br>
_______________________________________________<br>
members-discuss mailing list<br>
<a href="mailto:members-discuss@ripe.net" target="_blank">members-discuss@ripe.net</a><br>
<a href="https://mailman.ripe.net/" rel="noreferrer" target="_blank">https://mailman.ripe.net/</a><br>
Unsubscribe: <a href="https://lists.ripe.net/mailman/options/members-discuss/elvis%40v4escrow.net" rel="noreferrer" target="_blank">https://lists.ripe.net/mailman/options/members-discuss/elvis%40v4escrow.net</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">This message was sent from a mobile device. Some typos may be possible. </div>