Raivo-OTP icon fix, consistency (#846)

Daniel Gray 2022-04-02 06:19:08 +00:00
parent fec526192b
commit 140cc62b5a
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3


@ -9,7 +9,6 @@ icon: 'material/two-factor-authentication'
The idea behind 2FA is that even if a hacker is able to figure out your password (something you *know*), they will still need a device you own like your phone (something you *have*) in order to generate the code needed to log in to your account. 2FA methods vary in security based on this premise: The more difficult it is for an attacker to gain access to your 2FA method, the better. Examples of 2FA methods from strongest to weakest are Email or SMS codes, Push Notifications, Software (TOTP) Code-Generating Apps, and Hardware Keys.
## MFA Method Comparison
==**SMS Codes** or Emailed Codes are better than nothing at all, but only marginally.== Getting a code over SMS or Email takes away from the "something you *have*" idea, because there are a variety of ways a hacker could take over your phone number or gain access to your emails without having physical access to any of your devices at all!
**Push Notifications** take the form of a message being sent to an app on your phone asking you to confirm new account logins. This is a lot better than SMS or Email, since an attacker typically wouldn't be able to get these push notifications without having an already logged-in device, thus requiring physical access to your device. However, they can be easy to click through and accept accidentally, and are typically sent to *all* your devices at once, widening the availability of the 2FA code if you have many devices. This solution is also generally a proprietary solution, so you are reliant on the company you have an account with to implement their custom solution securely rather than implementing an industry standard. Finally, it requires you to keep an app for every login you have on your mobile device, which may or may not be convenient to you.
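Review bot: The first context line of this hunk says the methods are listed "from strongest to weakest", but the list runs Email or SMS codes, Push Notifications, TOTP apps, Hardware Keys, which is weakest to strongest by the page's own account (SMS or emailed codes are "better than nothing at all, but only marginally"). Since this commit already touches the section for consistency, change the wording to "from weakest to strongest" or reverse the list.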
@ -21,9 +20,7 @@ The ultimate form of multi-factor security are **hardware keys**. These are devi
Ultimately, the best form of two-factor security is the one you will use consistently on every account you have, that doesn't significantly interfere with your life. If you need to log in to an account often or on many devices, a hardware key may prove to be too much of a burden for example.
## Hardware Security Keys
### YubiKey
!!! recommendation
![YubiKeys](/assets/img/multi-factor-authentication/yubikey.png)
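Review bot: The YubiKey image on the last line of this hunk carries no `{ align=right }` attribute, while the NitroKey, Aegis and Raivo OTP images in the same file all do. As this is a consistency pass, either add the attribute here or leave a comment saying the image is intentionally full-width.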
@ -35,7 +32,6 @@ Ultimately, the best form of two-factor security is the one you will use consist
[Visit yubico.com](https://www.yubico.com){ .md-button .md-button--primary } [Privacy Policy](https://www.yubico.com/support/terms-conditions/privacy-notice){ .md-button }
### NitroKey
!!! recommendation
![NitroKey](/assets/img/multi-factor-authentication/nitrokey.jpg){ align=right }
@ -54,7 +50,6 @@ Ultimately, the best form of two-factor security is the one you will use consist
Authenticator Apps implement a security standard adopted by the Internet Engineering Task Force (IETF) called **Time-based One-time Passwords**, or **TOTP**. This is a method where websites share a secret with you which is used by your authenticator app to generate a six (usually) digit code based on the current time, which you enter while logging in for the website to check. Typically these codes are regenerated every 30 seconds, and once a new code is generated the old one becomes useless. Even if a hacker gets one six-digit code, there is no way for them to reverse that code to get the original secret, or otherwise be able to predict what any future codes might be.
### Aegis Authenticator
!!! recommendation
![Aegis logo](/assets/img/multi-factor-authentication/aegis.png){ align=right }
@ -64,19 +59,19 @@ Authenticator Apps implement a security standard adopted by the Internet Enginee
[Visit getaegis.app](https://getaegis.app){ .md-button .md-button--primary }
**Downloads:**
- [:pg-f-droid: F-Droid](https://f-droid.org/en/packages/com.beemdevelopment.aegis)
- [:fontawesome-brands-google-play: Google Play](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis)
- [:pg-f-droid: F-Droid](https://f-droid.org/en/packages/com.beemdevelopment.aegis)
- [:fontawesome-brands-github: GitHub](https://github.com/beemdevelopment/Aegis)
### Raivo OTP
!!! recommendation
![Raivo OTP logo](/assets/img/multi-factor-authentication/ravio-otp.png){ align=right }
![Raivo OTP logo](/assets/img/multi-factor-authentication/raivo-otp.png){ align=right }
**Raivo OTP** is a native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client built for iOS.
[Visit website](https://github.com/raivo-otp/ios-application){ .md-button .md-button--primary }
[Visit github.com](https://github.com/raivo-otp/ios-application){ .md-button .md-button--primary }
**Downloads:**
- [:fontawesome-brands-app-store-ios: App Store](https://apps.apple.com/us/app/raivo-otp/id1459042137)
- [:fontawesome-brands-github: GitHub](https://github.com/raivo-otp/ios-application)
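Review bot: The corrected image path `raivo-otp.png` in the Raivo OTP block only resolves if the asset itself was renamed from `ravio-otp.png`; no rename under /assets/img/multi-factor-authentication/ is visible in this diff, so confirm it is part of the commit or the icon will stay broken. Separately, the primary button now labelled "Visit github.com" and the GitHub entry under Downloads point to the same URL, so one of the two is redundant.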