This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-list@ripe.net/
[ripe-list] account breaking leads to routing mess
- Previous message (by thread): [ripe-list] account breaking leads to routing mess
- Next message (by thread): [ripe-list] RIPE NCC Access: Security Breach Investigation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Saku Ytti
saku at ytti.fi
Thu Jan 4 14:17:43 CET 2024
On Thu, 4 Jan 2024 at 09:48, Randy Bush <randy at psg.com> wrote: > e.g. perhaps 2fa and a password entropy test should be required of > rov registrants Gandi allows SADDR lock to manage the domain, I always thought that's pretty nice to reduce surface area. Considering if your domain is pwned, every account is pwned, as email is used for authentication ~always. 2FA is good, webauthn would be great, I don't think any solution that tries to address password quality is useful at all, people will find ways to deliver bad passwords in every policy and it may be difficult to predict if policy increases or decreases probability of bad password. SADDR, webauthn, 2FA, not PW policy. -- ++ytti
- Previous message (by thread): [ripe-list] account breaking leads to routing mess
- Next message (by thread): [ripe-list] RIPE NCC Access: Security Breach Investigation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]