2fa   1676

« earlier    

cjs/symantec-vip-otp-generator: FOSS-variant of Symantec's VeriSign Identity Protection to generate compliant TOTP otpauth:// URIs
FOSS-variant of Symantec's VeriSign Identity Protection to generate compliant TOTP otpauth:// URIs - cjs/symantec-vip-otp-generator
paypal  2fa  symantec  cli  security  otp 
2 days ago by e2b
cyrozap/python-vipaccess: A free software implementation of Symantec's VIP Access application and protocol
A free software implementation of Symantec's VIP Access application and protocol - cyrozap/python-vipaccess
paypal  2fa  symantec  cli  security  otp 
2 days ago by e2b
Twitter
RT : This is genius! 🤯

Fortnite encourages players to enable by offering a free in-game item. Here is the catch: o…
2FA  from twitter_favs
4 days ago by oliver.turner
Gluu
Central authentication and authorization for web and mobile applications.
authentication  2fa  2factor 
5 days ago by sphere2k
How to activate Apple ID 2fa when you have two accounts – Jonathan T
Two-factor authentication is an additional layer of security designed to ensure that you’re the only person who can access your account, even if someone knows your password. via Pocket
IFTTT  Pocket  2fa  apple 
7 days ago by ChristopherA
GitHub - riverrun/one_time_pass_ecto: One-time password library with Ecto support (for Elixir)
One-time password library for apps using Ecto. This can help you support two-step authentication in Elixir apps.
security  password  elixir  2fa  authentication 
9 days ago by jefframnani
Two-Factor Authorization Apps for iOS | The Mac Security Blog
We've written many times about two-factor authentication (2FA) on this blog, and why it's essential to protect your accounts in this way. When you set up 2FA, most services send you a code by SMS by default, but many services also allow you to use a 2FA app, which you can run on your Mac, your iOS device, or even your Apple Watch. In this article, I'm going to explain why you should use an app like this, and I'm going to discuss three such iOS apps: Google Authenticator, Authy, and 1Password.
Why should you use a two-factor authentication app?
Two-factor authentication is a way of adding an extra layer of security to your accounts. It combines something you know: your user name and password, with something you have: a code that is sent to you by the service, or generated by an app. Since data breaches are so common, and, let's admit it, many people re-use passwords because good passwords are difficult to remember, the "something you know" may also be in the hands of miscreants.
However, the something you have—the authorization code—cannot be leaked and reused at a later time, because these codes have a very short lifespan (usually a matter of minutes or seconds). However, when codes are sent via SMS, they could be intercepted, which is why using an app provides assurance that on one can get at the code you use to confirm your identity. They are easy to set up and use, and they're quicker to use, since you don't have to wait for codes to be sent to you. They can even provide you with access when you can't receive SMSes.
security  privacy  ios  2FA  apps 
10 days ago by rgl7194
Hands up who reuses the same password everywhere, even with your Nest. Keep your hand up if you like being spied on by hackers • The Register
Kieren McCarthy:
<p>Nest has urged its customers to not reuse passwords between their smart home gizmos and other websites and services.

This comes after miscreants were spotted taking usernames and passwords leaked or stolen from other websites, and using them to attempt to log into Nest accounts and hijack the internet-connected home gadgets, a type of attack known as credential stuffing.

Rishi Chandra, general manager of the Google-owned smart home outfit, sent an email to all Nest customers on Wednesday noting that the manufacturer had "heard from people experiencing issues with their Nest devices" before running through some security tips to secure their accounts…

…according to Nest, the likelihood is that dirtbags are trying out usernames and passwords dumped online from unrelated website security breaches, to access Nest accounts where credentials have been reused.

"Even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet," Chandra's email warned. "If a website is compromised, it's possible for someone to gain access to user email addresses and passwords, and from there, gain access to any accounts that use the same login credentials."

Nest claims to proactively look out for passwords being spilled online, "and when compromised accounts are found, we alert you and temporarily disable access. We also prevent the use of passwords that appear on known compromised lists."</p>


As we have said before, Nest <a href="https://nest.com/support/article/How-to-use-2-step-verification-to-add-stronger-security-to-your-Nest-Account">allows two-factor authentication</a>, though presently only via SMS (which is weaker than TOTP - timed one-time password - systems such as Authy or Google Authenticator). Odd that a company which is part of Google shouldn't have TOTP.
nest  2fa  hacking 
15 days ago by charlesarthur

« earlier    

related tags

1password  2factor  510  activist  adb  advertising  advisory:  amazon  android  apache  app  apple  apps  arstechnica  article  attacks  auth  authentication  authenticator  backup  bot  breach  browser  business  bypass  camera  camping  card  charger  cli  consumer  cool_tools  cpj  credential  credit_freeze  criticism  crypto  cryptography  data  database  deliveroo  developer  development  disk  dns  dopost  dropbox  duo  elixir  email  encryption  facebook  faceid  fde  fido  finance  fingerprint  fintech  for-toni  full  gadgets  gateway  git  gmail  golang  google-chrome  google  gpg  hack  hacking  hardware  horrorstories  howto  hrd  http  icloud  ifttt  important  informationsecurity  infosec  infosecurity  instagram  internet  internetofthings  ios  iran.  iran  itunesconnect  jan19  key  krebs  lang:en  lastpass  linux  location_services  luks  mac  macos  malware  mena  messaging  metadata  mfa  migrate  mimic  mitm  mobile  nest  networkandtelecoms  nfc  nyt  oath  offline  osx  otf  otp  password-managers  password  passwords  paypal  pentesting  phishing  phishng  phone  pki  pocket  privacy  proxmox  proxy  qrcode  reverse  root  safety  scripts  search  security  smh  sms  social_media  socialengineering  sophisticated  ss7  symantec  tech  technology  telecoms  tidbits  token  tool  tools  totp  touchid  trojan  twitter  twofactor  u2f  ubuntu  usb  video  vpn  want  webauthn  wi-fi  windows  yubico  yubikey 

Copy this bookmark:



description:


tags: