The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘2FA/MFA’ Category

PayPal domains to enable JavaScript for

Posted by jpluimers on 2025/06/16

I have JavaScript disabled in my browser and had to enable it for these domains to get PayPal working:

Without the first and last, neither Captchas nor 2FA would work.

[Wayback/Archive] Netify.ai: PayPal – Domains, IPs and App Information (which I found via [Wayback/Archive] domains used by paypal – Google Search) only lists primary domains (not subdomains like the above) and contains both paypal.com and paypalobjects.com.

The list is by Netify.ai, the company that builds Deep Packet Inspection products around the open source engine [Wayback/Archive] pcbaldwin/netifyd: The open-source Netify DPI engine is a standalone deep packet inspection agent that provides a flexible and affordable DPI solution for gateways, firewalls, SD-WAN, WiFi, IoT and other OEM devices.

–jeroen

Posted in 2FA/MFA, Authentication, Power User, Security

September 2024 – Agust Tell HN: Twilio quietly removes Authy iOS app from Mac App Store, stops updates | Hacker News

Posted by jpluimers on 2025/05/05

Installing the Authy iOS app on an Apple Silicon Mac (M1/M2/M3/…) used to be the way to keep using Authy on the Mac desktop, as early this year Authy announced their desktop applications would shut down by August (links further below).

I missed the September 2024 post [Wayback/Archive] Tell HN: Twilio quietly removes Authy iOS app from Mac App Store, stops updates | Hacker News, which basically means that if you had it installed on a Mac, it will keep being installed but never updated.

Authy owner Twilio did this silently: new installs became impossible and old installs are never updated any more, thereby effectively decreasing your security.

Anyway: if you want to try side-loading, this is the iOS app link: [Wayback/Archive] Twilio Authy on the App Store.

Sideloadly (links further below) might work, but in reality it likely is better to have your MFA running on a separate device.

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Authy, Power User, Security, TOTP (Timebase One Time Pads)

How to Weaponize the Yubikey – Black Hills Information Security

Posted by jpluimers on 2024/11/12

I totally missed this back in 2019 when having the first belly surgery (that eventually would lead up to discovering I had already had rectum cancer at that time): [Wayback/Archive] How to Weaponize the Yubikey – Black Hills Information Security.

Luckily I got a reminder: [Wayback/Archive] jilles.com on Twitter: “/me the asshole that spoils the magic trick …” after [Wayback/Archive] yan on Twitter: “who’s excited for defcon next week”

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Development, Hardware, Hardware Interfacing, Power User, Security, Software Development, U2F FIDO Security Keys, USB, USB

On my list of things to try: Cisco Duo MFA

Posted by jpluimers on 2024/10/29

At the time of writing [Wayback/Archive] Two-Factor Authentication & Data Protection | Duo Security is supposed to be free for up to 10 users.

That seems to be an excellent opportunity to re-learn MFA things as it has been a while since I have done big work in that area.

Duo was one of the very many Cisco acquisitions and I wonder how it fits into the Cisco landscape.

Documentation bits to start at:

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Development, Mobile Development, Power User, Security, Software Development, Web Development

VoIP: passing on a phone number from one Fritz!Box to another Fritz!Box

Posted by jpluimers on 2024/03/11

Most Fritz!Box VoIP configurations have a phone number configured to only work on telephony devices (i.e. handsets) on the same Fritz!Box.

But it is possible to define a telephony device that itself is another VoIP end-point.

This way you can hook a second (or more) Fritz!Box up to the phone number(s) of the first Fritz!Box.

I am using this for two reasons:

Below is how to get this going, assuming the first Fritz!Box is a 7490 running firmware 7.29 and the second is a 7360 with firmware 6.33 (other versions and firmware versions vary slightly).

But first the related post: Many links about free modem/router choice and their configurations for the Dutch KPN internet/VoIP provider where I figured out that just using a 7360 won’t cut it any more.

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Authy, DECT, Fritz!, Fritz!Box, Hardware, ISDN, Network-and-equipment, Power User, PSTN, Security, Telephony, VoIP

thuddevort on Twitter: “You can disable the extra confirmation under System > FRITZ!Box Users > Additional Confirmation”

Posted by jpluimers on 2024/02/16

My ISP did auto-update the Fritz!Box, but did not send release notes, so I was not aware this feature had been added eons ago:

[Wayback/Archive] thuddevort on Twitter: “@jpluimers @wijnands @b0rk @xs4all You can disable the extra confirmation under System > FRITZ!Box Users > Additional Confirmation”.

I know a second factor is better for security, but doing that on both sites at the same time when setting up LAN2LAN VPN is tough (Fritz!Box names this either “LAN-LAN coupling” or “VPN Connections between the FRITZ!Box and Other Networks”).

A better option on the same configuration page is, instead of disabling the confirmation, enabling confirmation through apps like Google Authenticator and Authy:

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Authy, Fritz!, Fritz!Box, Hardware, Network-and-equipment, Power User, Security

Yet another reason not to use SMS based 2FA: those phone numbers get leaked or sold as Daniel Cuthbert mentioned on Twitter: “@LinkedIn did indeed sell my 2FA phone number”

Posted by jpluimers on 2023/12/06

Many recommend against using SMS for 2FA for security reasons (SIM swapping, sniffing, etc.), but there is another privacy+security reason: these 2FA phone numbers get leaked or sold, as [Wayback/Archive] Daniel Cuthbert (@dcuthbert) found out the hard way last year:

–jeroen

Posted in 2FA/MFA, Authentication, GDPR/DS-GVO/AVG, Power User, Privacy, Security

How to set up OpenVPN with Google Authenticator on pfSense – Vorkbaard uit de toekomst

Posted by jpluimers on 2023/09/18

For my link archive: [Wayback/Archive] How to set up OpenVPN with Google Authenticator on pfSense – Vorkbaard uit de toekomst

Should work with Authy too.

Via: [Archive] Matthijs ter Woord (@mterwoord) | Twitter

–jeroen

Posted in 2FA/MFA, Authentication, Authy, Power User, Security

Help:Two-factor authentication – Wikipedia

Posted by jpluimers on 2023/09/06

For my link archive as this page contains instructions to request 2FA privileges at Wikipedia: [Wayback/Archive] Help:Two-factor authentication – Wikipedia

Checking whether 2FA is enabled

To determine whether your account has 2FA enabled, go to Special:Preferences. Under “Basic information”, check the entry for “Two-factor authentication”, which should be between “Global account” and “Global preferences”:

Viewing m:Steward requests/Global permissions#Requests for 2 Factor Auth tester permissions is possible without being logged on at Wikipedia, but for requesting the 2FA permission and accessing Special:Preferences you need to be logged on.

Visit [Wayback/Archive] Steward requests/Global permissions/2018-12 – Meta and look for “OATH tester” for some examples of motivations for requesting.

–jeroen

Posted in 2FA/MFA, Authentication, Power User, Security, SocialMedia, wikipedia

Only 2 weeks left to enable 2FA for your GitHub account

Posted by jpluimers on 2023/08/29

If you haven’t done so already, then enable 2FA for your GitHub account now: this will be a requirement in 2 weeks’ time.

The 2FA/MFA possibility started about half a year ago with [Wayback/Archive] Raising the bar for software security: GitHub 2FA begins March 13 – The GitHub Blog

You can have various means of 2FA, which all start with a choice between:

After completing either of those, you can view/download a set of backup codes, and you can add more factors to your Multi-factor authentication setup up to these:

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Development, DVCS - Distributed Version Control, git, GitHub, Power User, Security, Software Development, Source Code Management