asteroza + authentication   172

FIDO Alliance Biometric Component Certification Program - FIDO Alliance
New industry standards for biometric security certification, for FIDO biometric security. Kinda nice that there's an industry standard of sorts...
biometric  security  certification  standard  FIDO  authenticator  authentication  face  finger  recognition 
november 2018 by asteroza
Colm MacCárthaigh on Twitter: "Client certs and Mutual-Auth TLS is TERRIBAD."
I never really thought deep about client certs, but this makes a real case for why they actually suck, and possibly suck worse than anything else before...
client  certificate  TLS  MTLS  mutual  authentication  security  layer  violation 
october 2018 by asteroza
FIDO ®-Multi-Interface | FEITIAN
Looks like Google's new Titan security key is an OEM Feitian multi, but allegedly with Google-built firmware (because Feitian firmware has had issues in the past...)
google  titan  USB  U2F  FIDO  NFC  BLE  bluetooth  security  key  hardware  electronics  devices  2FA  OTP  TOTP  authentication 
july 2018 by asteroza
paragonie/paseto: Platform-Agnostic Security Tokens
This is a more general token rather than as an alternative for JWT for JWT specific use cases. Though most JWT could be covered by a cookie better...
authentication  token  software  opensource  stateless  security  alternative  JWT 
june 2018 by asteroza
Web Authentication: An API for accessing Public Key Credentials Level 1
Improved web authentication on browsers using external USB/Bluetooth/NFC security tokens, namely YubiKey.
WebAuthn  authentication  specification  standard  FIDO  U2F  webdev  security  web  external  hardware  token  access 
april 2018 by asteroza
ID4me – One ID for everything, everywhere
Dovecot makers are planning to extend IMAP to realtime chat, but need a federated ID backend using domain names. Looks like they will implement this through PowerDNS and this spec/group
ID4me  federated  ID  authentication  identity  backend  standard  specification  realtime  chat  IM  IMAP  dovecot  PowerDNS 
march 2018 by asteroza
Keratin AuthN
Based on OAuth, but API driven rather than redirect driven so you can customize your UX more
go  authentication  library  OAuth  microservice  authorization  webdev  programming  development  security 
november 2017 by asteroza
USB Dongle Auth List
List of sites with support for USB dongle authentication which includes One Time Passwords (OTP) and Universal 2nd Factor (U2F).
website  support  OTP  FIDO  U2F  list  compatibility  reference  information  USB  dongle  yubikey  security  password  authentication  2FA 
november 2017 by asteroza
B-Unit | Bloomberg Professional Services
A sort of beefed up FIDO U2F device, but with higher hardware protection features. Uses a photoreceptor to receive codes from the terminal screen itself, so no NFC/Bluetooth/USB
bloomberg  terminal  authentication  portable  private  key  token  hardware  electronics  devices  security 
november 2017 by asteroza
SPIFFE / spiffe.io
A specification and reference implementation of a framework for secure distributed identity provisioning. Intended for short lived certs between microservices for mutual TLS authentication, but should be usable for other identity scenarios...
microservice  identity  framework  security  software  PKI  certificate  authentication  TLS  short  lived 
october 2017 by asteroza
gravitational/teleport: Modern SSH server for clusters and teams.
Interesting authentication proxy/SSH bastion host software, for allowing distributed teams to safely access distributed resources
SSH  bastion  host  authentication  proxy  SSO  cloud  management  devops  kubernetes  security  certificate  sysadmin  software 
september 2017 by asteroza
2STP Authenticator on the App Store
Good TOTP authenticator with reasonable backup/export options for phone migration
iPhone  iOS  app  authentication  HOTP  TOTP  OTP  authenticator  software  security  Delicious 
february 2017 by asteroza
DRAFT NIST Special Publication 800-63B
NIST now saying forced periodic password changes are stupid, and password max length is also stupid.
NIST  password  security  digital  authentication  government  guideline  reference  information  draft  Delicious 
july 2016 by asteroza
Home
Demoing a stereo jack based FIDO U2F external auth token for smartphones
FIDO  U2F  external  authentication  token  stereo  jack  hardware  electronics  devices  encryption  security  Delicious 
march 2016 by asteroza
Nok Nok Labs, Inc.
Supposedly made a third party API bridge for using iPhone fingerprint sensors for two factor security.
2FA  two  2  factor  authorization  authentication  smartphone  phone  app  software  token  security  oauth  fingerprint  Delicious 
december 2014 by asteroza
NearBytes
Interesting alternative to NFC touchless comms, particularly for authentication/payment systems
NearBytes  acoustic  communication  protocol  proximity  short  range  ultrasonic  audio  sound  smartphone  android  iPhone  windows  app  software  authentication  side  channel  Delicious 
june 2014 by asteroza
Press Releases : DOCOMO Develops World's First SIM-based Authentication Mini Device
This isn't totally insane, as many countries are moving to electronic IDs using touchless access already. Moving some of the functionality to a bracelet that can be reused for SIM attributes is a reasonable extension of this concept. Bluetooth fundamentally supports a remote SIM access profile, which is basically an extension of serial interface profiles already. Anything above SIM profile access though may be problematic without reusing an existing profile or standardizing a new one.
NTT  DoCoMo  research  portable  SIM  bracelet  authentication  external  storage  ID  touchless  bluetooth  Delicious 
june 2014 by asteroza
Keybase
Using a blockchain concept to get over the PGP key directory server hump.
security  blockchain  keychain  identity  authentication  key  PKI  directory  cryptography  PGP  SSH  GPG  Delicious 
april 2014 by asteroza
Chip and PIN is Broken
Yeah, this is old news, but chip and PIN is broken for those who still haven't heard...
EMV  chip  PIN  credit  card  security  hack  hacking  bank  MitM  attack  protocol  error  bug  failure  authentication  Delicious 
march 2014 by asteroza
SecureKey: Building Trusted Identity Networks
Apparently these guys have a deal with the USPS, to set up a cloud federated identity platform, so you can use bank website logins (or other identity providers deemed secure) to log on/verify identity with US federal websites. Sorta Fed OpenID?
cloud  identity  management  authentication  service  government  ID  password  security  federated  provider  USA  portal  Delicious 
january 2014 by asteroza
Transient Authentication for Mobile Devices
Dissertation by Mark Corner on transient authentication systems, with application to encrypted file systems. See also http://forensics.umass.edu/pubs/mcorner/sigops02.pdf
users  encryption  authentication  transient  security  ZIA  user  filesystem  storage  mobile  Delicious 
september 2013 by asteroza