For my hackathon project I did try to make CFA (Cat Factor Authentication, using your cat's microchip as a second factor) a thing 😆 The project did win a prize, but more for the experimentation then the actual result https://wpengine.com/blog/hackathon-december-2023/
Ein Bekannter ist zur Zeit in Ausbildung zum #Allgemeinmediziner und sucht einen #Job als #MFA oder #Arzthelfer in oder bei #Hannover. Falls du etwas weißt/eine Stelle anzubieten hast oder du wen kennst, der oder die etwas wissen könnte, schreib mir einfach. :) Danke <3!
I've been thinking about getting a hardware security key and have heard of yubikey before; but I want to see what my options are and if they are worth it in your opinion.
My current setup is a local KeePassXC database (that I sync between my PC and phone and also acts as TOTP authenticator app), I know that KeePass supports hardware keys for unlocking the database.
I am personally still of the belief that passwords are the safest when done right; but 2FA/MFA can greatly increase security on top of that (again, if done right).
The key work work together with already existing passwords, not replace them.
As I use linux as my primary OS I do expect it to support it and anything that doesn't I will have to pass on.
PS: what are the things I need to know about these hardware keys that's not being talked about too much, I am very much delving into new territory and want to make sure I'm properly educated before I delve in.
Key point is this: "companies and end users should always use multi-factor authentication to lockdown accounts when possible and ensure it’s compliant with the #FIDO standard when available. #MFA available through push notifications or one-time passwords provided by text, email, or authenticator apps are better than nothing, but as events over the past few years have demonstrated, they are themselves easily defeated in credential phishing attacks" #webauthn#2fa
My Google Pixel 4a 5G died this afternoon and it won't turn on - I am trying all the rebooting / forced restarting options, but nothing is working so far.
The key lesson I am learning is how dependent I am on everything on my phone - my music is on my phone, audio books are on my phone, #MFA is on my phone, entertainment in the form of games are on my phone.
I knew I was dependent, but not just how dependent I was.
Cybersecurity researchers have figured out a way to exploit what seems to be a bug in Apple’s password reset feature in a new scam that can lock you out of your iPhone if you’re not careful.
I remember the day I switched to Authy because it would not vendor-lockin me for #TOTP codes. Alas, today is the day where I ditched it because Authy - without warning - stopped supporting the desktop app, even hurrying the deadline by 5 months! That was 70% of the total notification window as far as I could tell.
Requiring a mobile device for #2FA#MFA is not quite the same for me, and it can get lost (or stolen) way too easily for my taste.
The FIDO specification defines a form of Universal 2nd Factor (U2F) when users log in to a system. Rather than relying on one-time codes sent via SMS, or displayed on a phone screen, these are physical hardware tokens which are used to supplement passwords. When used with websites, this technology is also known as WebAuthn.
Passwordless is great, but perhaps you need to consider basic MFA to start? If that's you, it's time for a refresher. Spoiler: it's not heavy key fobs any more.
🆕 blog! “Giving the finger to MFA - a review of the Z1 Encrypter Ring from Cybernetic”
★★★★☆
I have mixed feelings about Multi-Factor Authentication. I get why it is necessary to rely on something which isn't a password but - let's be honest here - it is a pain juggling between SMS, TOTP apps, proprietary apps, and mag…
But, it turns out that the shop does not process purchase requests, resulting in an incomplete page with nothing to click on.
And the support email bounces as nonexistent.
I hope that you would incorporate that information in your review and/or boost this as a real world experience.
🆕 blog! “Review: An NFC reader/writer with USB-C - ACR1252U-MF”
★★★★⯪
I needed to read and write NFC cards on Linux. I only buy USB-C peripherals now, so I found the brilliantly named "ACR1252U-MF" which appears to be the only USB-C reader on the market. Total cost was about £35 on eBay. It's a cheap and light plastic box with a short USB …
I needed to read and write NFC cards on Linux. I only buy USB-C peripherals now, so I found the brilliantly named "ACR1252U-MF" which appears to be the only USB-C reader on the market. Total cost was about £35 on eBay.
It's a cheap and light plastic box with a short USB cord. When you plug it in, there's a flashing light which can't be disabled. When it is powered up, or it detects and NFC chip, it makes this weird and scratchy beep:
Am Donnerstag legten bundesweit rund 2.000 Beschäftigte in Arztpraxen die Arbeit nieder, der Verband medizinischer Fachberufe hatte zum Warnstreik aufgerufen. Die Forderung: bessere Arbeitsbedingungen und mehr Gehalt. 🩺
Praxismanagerin Jana August wollte mit dem Warnstreik auch für mehr Anerkennung ihres Berufs kämpfen. "Wir sind diejenigen, die den Laden am Laufen halten", sagt die Hamburgerin. 🥼