2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Feb 26, 2019 at 12:14 AM John Levine <johnl at iecc.com> wrote:

> In article <24679.1551146531 at turing-police.cc.vt.edu> you write:
> >So what registries/registrars are supporting 2FA that's better than SMS?
>
> Opensrs does TOTP.  It's certainly not bulletproof, but it's tied to
> your actual phone rather than the phone number.  (We careful folk put
> our TOTP keys on a couple of our devices in case the phone dies or
> gets lost.)  It's very easy to implement, it's an IETF open
> specification, and there are lots of clients that support it.
>
> FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard
> they are to implement.
>
>
https://twofactorauth.org/#domains gives a good view of the domain
management landscape regarding 2FA.


Rubens
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190226/64d4cb83/attachment.html>

• Previous message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]