toad.social

adingbatponderOne of the most important functions on my computer is the GNOME <a href="https://fosstodon.org/tags/Authenticator" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authenticator</a> app. Without it I cannot even access many of the services I use daily. I need to reinstall my <a href="https://fosstodon.org/tags/NixOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NixOS</a> machine to move to <a href="https://fosstodon.org/tags/flakes" class="mention hashtag" rel="nofollow noopener" target="_blank">#flakes</a> and clean up some messy command-line installs. Is there a way to restore the authenticator app after reinstall so it works for all services, without having to revisit each site and re-enroll the <a href="https://fosstodon.org/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#2FA</a> manually? Can this be achieved via a flake that manages <a href="https://fosstodon.org/tags/secrets" class="mention hashtag" rel="nofollow noopener" target="_blank">#secrets</a>? <a href="https://fosstodon.org/tags/authenticatorapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#authenticatorapp</a>

RadgrydThanks everyone for all the recommendations! The reason I wanted to stop using Authy was because they were breached last year and they're also closed-source.If someone is thinking of moving away from Authy the following seem to be the most-liked on Fedi, going by the replies: Ente, Aegis, FreeOTP+ and 2FAS. All of them are free and open source.I chose Ente because it also works cross-platform. <a href="https://mstdn.games/tags/Authy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authy</a> <a href="https://mstdn.games/tags/AuthenticatorApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#AuthenticatorApp</a>

RadgrydI want to move away from Authy. Dear Fedi, safest authenticator app? Go. <a href="https://mstdn.games/tags/AskFedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#AskFedi</a> <a href="https://mstdn.games/tags/Authy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authy</a> <a href="https://mstdn.games/tags/AuthenticatorApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#AuthenticatorApp</a>

Erik van Straten"The world is under siege. This is not news. State-sponsored cybercriminals and a growing army of newbies using powerful tools from the dark web are exploiting every weak link in our cybersecurity chains, which is first and foremost our users."Aldus John Gunn in <a href="https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/</a>.John Gunn heeft gelijk. Het internet is veel te onveilig en niemand die daar iets tegen doet.Terwijl websites steeds anoniemer worden, moet *U* steeds betrouwbaarder authenticeren (<a href="https://www.security.nl/posting/872694/VK+verplicht+vanaf+juli+%27robuuste%27+online+leeftijdsverificatie+voor+pornosites" rel="nofollow noopener" translate="no" target="_blank">https://www.security.nl/posting/872694/VK+verplicht+vanaf+juli+%27robuuste%27+online+leeftijdsverificatie+voor+pornosites</a>). Aanvankelijk gebruikmakend van hersenloze technieken, zoals het opsturen van een scan van uw paspoort. Alsof degene die zo'n kopie in handen krijgt (op legale of illegale wijze) niet *OOK* kan bewijzen dat zij of hij u is. Echter:BINNENKORT HOEFT ZO'N SCAN NIET MEER!Dan krijgt "iedereen" namelijk "geheel vrijwillig" een elektronisch paspoort op haar of zijn telefoon. Wat zou *DAAR* nou mis mee kunnen gaan?Ik waarschuw er al heel lang voor dat het internet veel te onveilig wordt. Maar dat is tegen dovemansoren, of zo'n artikel wordt simpelweg weggecensureerd. Zélfs als je zo'n artikel met verifieerbare feiten onderbouwt - middels links naar pagina's van VirusTotal (een dochterbedrijf van Google).(Mijn artikel valt overigens nog hier te lezen - voor zolang als dát duurt (Big Tech duldt geen kritiek): <a href="https://archive.is/3UwWn" rel="nofollow noopener" translate="no" target="_blank">https://archive.is/3UwWn</a> - zie ook <a href="https://infosec.exchange/@ErikvanStraten/113837934294209517" rel="nofollow noopener" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113837934294209517</a>). John Gunn gaat verder met:"Multi-Factor Authentication (MFA), once celebrated as an unbreakable defense, is crumbling under the weight of its outdated technology. Phishing attacks, ransomware, and sophisticated exploits are bypassing legacy MFA with astonishing ease."Ook daar waarschuw ik al jááren voor.Fix: <a href="https://www.security.nl/posting/840236/Veilig+inloggen" rel="nofollow noopener" translate="no" target="_blank">https://www.security.nl/posting/840236/Veilig+inloggen</a> (eigenlijk ben ik gek dat ik nog naar die site verwijs, waar ik al vele jaren -voor nop- aan bijdraag; stank voor dank).Daarin ook "plaatjes" waarin te zien is waarom 2FA/MFA middels SMS of "Authenticator" app geen zier helpt tegen AitM (Attacker in the Middle of MitM: <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack" rel="nofollow noopener" translate="no" target="_blank">https://en.wikipedia.org/wiki/Man-in-the-middle_attack</a>) aanvallen; u bent kansloos als u alle informatie op een nepwebsite invoert.Hetzelfde risico loopt u straks met uw EDIW - nog een veilige dag gewenst.<a href="https://infosec.exchange/tags/Calimero" class="mention hashtag" rel="nofollow noopener" target="_blank">#Calimero</a> <a href="https://infosec.exchange/tags/Censuur" class="mention hashtag" rel="nofollow noopener" target="_blank">#Censuur</a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener" target="_blank">#GoogleIsEvil</a> <a href="https://infosec.exchange/tags/UBentHetProduct" class="mention hashtag" rel="nofollow noopener" target="_blank">#UBentHetProduct</a> <a href="https://infosec.exchange/tags/BigTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#BigTech</a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener" target="_blank">#AitM</a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener" target="_blank">#MitM</a> <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener" target="_blank">#MFA</a> <a href="https://infosec.exchange/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#2FA</a> <a href="https://infosec.exchange/tags/TOTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#TOTP</a> <a href="https://infosec.exchange/tags/AuthenticatorApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#AuthenticatorApp</a> <a href="https://infosec.exchange/tags/eID" class="mention hashtag" rel="nofollow noopener" target="_blank">#eID</a> <a href="https://infosec.exchange/tags/EDIW" class="mention hashtag" rel="nofollow noopener" target="_blank">#EDIW</a> <a href="https://infosec.exchange/tags/EUDIW" class="mention hashtag" rel="nofollow noopener" target="_blank">#EUDIW</a> <a href="https://infosec.exchange/tags/LeeftijdsVerificatie" class="mention hashtag" rel="nofollow noopener" target="_blank">#LeeftijdsVerificatie</a> <a href="https://infosec.exchange/tags/Authenticatie" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authenticatie</a> <a href="https://infosec.exchange/tags/Impersonatie" class="mention hashtag" rel="nofollow noopener" target="_blank">#Impersonatie</a> <a href="https://infosec.exchange/tags/IdentiteitsFraude" class="mention hashtag" rel="nofollow noopener" target="_blank">#IdentiteitsFraude</a>

ITSEC NewsBeware rogue 2FA apps in App Store and Google Play – don’t get hacked! - Even in Apple's and Google's "walled gardens", there are plenty of 2FA apps that are eith... <a href="https://nakedsecurity.sophos.com/2023/02/27/beware-rogue-2fa-apps-in-app-store-and-google-play-dont-get-hacked/" rel="nofollow noopener" target="_blank">https://nakedsecurity.sophos.com/2023/02/27/beware-rogue-2fa-apps-in-app-store-and-google-play-dont-get-hacked/</a> #2-factorauthentication <a href="https://schleuss.online/tags/authenticatorapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#authenticatorapp</a> <a href="https://schleuss.online/tags/authenticator" class="mention hashtag" rel="nofollow noopener" target="_blank">#authenticator</a> <a href="https://schleuss.online/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptography</a> <a href="https://schleuss.online/tags/tommymysk" class="mention hashtag" rel="nofollow noopener" target="_blank">#tommymysk</a> <a href="https://schleuss.online/tags/dataloss" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataloss</a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://schleuss.online/tags/mysk_co" class="mention hashtag" rel="nofollow noopener" target="_blank">#mysk_co</a> <a href="https://schleuss.online/tags/totp" class="mention hashtag" rel="nofollow noopener" target="_blank">#totp</a> <a href="https://schleuss.online/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#2fa</a>

Recent searches

Search options

Administered by:

Server stats:

#authenticatorapp