2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

Rubens Kuhl rubensk at gmail.com
Tue Feb 26 03:20:10 UTC 2019

On Tue, Feb 26, 2019 at 12:14 AM John Levine <johnl at iecc.com> wrote:

> In article <24679.1551146531 at turing-police.cc.vt.edu> you write:
> >So what registries/registrars are supporting 2FA that's better than SMS?
> Opensrs does TOTP.  It's certainly not bulletproof, but it's tied to
> your actual phone rather than the phone number.  (We careful folk put
> our TOTP keys on a couple of our devices in case the phone dies or
> gets lost.)  It's very easy to implement, it's an IETF open
> specification, and there are lots of clients that support it.
> FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard
> they are to implement.
https://twofactorauth.org/#domains gives a good view of the domain
management landscape regarding 2FA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190226/64d4cb83/attachment.html>

More information about the NANOG mailing list