2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
rubensk at gmail.com
Tue Feb 26 03:20:10 UTC 2019
On Tue, Feb 26, 2019 at 12:14 AM John Levine <johnl at iecc.com> wrote:
> In article <24679.1551146531 at turing-police.cc.vt.edu> you write:
> >So what registries/registrars are supporting 2FA that's better than SMS?
> Opensrs does TOTP. It's certainly not bulletproof, but it's tied to
> your actual phone rather than the phone number. (We careful folk put
> our TOTP keys on a couple of our devices in case the phone dies or
> gets lost.) It's very easy to implement, it's an IETF open
> specification, and there are lots of clients that support it.
> FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard
> they are to implement.
https://twofactorauth.org/#domains gives a good view of the domain
management landscape regarding 2FA.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the NANOG