2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <24679.1551146531 at turing-police.cc.vt.edu> you write:
>So what registries/registrars are supporting 2FA that's better than SMS?

Opensrs does TOTP.  It's certainly not bulletproof, but it's tied to
your actual phone rather than the phone number.  (We careful folk put
our TOTP keys on a couple of our devices in case the phone dies or
gets lost.)  It's very easy to implement, it's an IETF open
specification, and there are lots of clients that support it.

FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard
they are to implement.

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]