mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-01-17 02:27:12 -05:00
Raivo-OTP icon fix, consistency (#846)
parent fec526192b
commit 140cc62b5a
@ -9,7 +9,6 @@ icon: 'material/two-factor-authentication'
|
|||||||
The idea behind 2FA is that even if a hacker is able to figure out your password (something you *know*), they will still need a device you own like your phone (something you *have*) in order to generate the code needed to log in to your account. 2FA methods vary in security based on this premise: The more difficult it is for an attacker to gain access to your 2FA method, the better. Examples of 2FA methods from strongest to weakest are Email or SMS codes, Push Notifications, Software (TOTP) Code-Generating Apps, and Hardware Keys.
|
The idea behind 2FA is that even if a hacker is able to figure out your password (something you *know*), they will still need a device you own like your phone (something you *have*) in order to generate the code needed to log in to your account. 2FA methods vary in security based on this premise: The more difficult it is for an attacker to gain access to your 2FA method, the better. Examples of 2FA methods from strongest to weakest are Email or SMS codes, Push Notifications, Software (TOTP) Code-Generating Apps, and Hardware Keys.
|
||||||
|
|
||||||
## MFA Method Comparison
|
## MFA Method Comparison
|
||||||
|
|
||||||
==**SMS Codes** or Emailed Codes are better than nothing at all, but only marginally.== Getting a code over SMS or Email takes away from the "something you *have*" idea, because there are a variety of ways a hacker could take over your phone number or gain access to your emails without having physical access to any of your devices at all!
|
==**SMS Codes** or Emailed Codes are better than nothing at all, but only marginally.== Getting a code over SMS or Email takes away from the "something you *have*" idea, because there are a variety of ways a hacker could take over your phone number or gain access to your emails without having physical access to any of your devices at all!
|
||||||
|
|
||||||
**Push Notifications** take the form of a message being sent to an app on your phone asking you to confirm new account logins. This is a lot better than SMS or Email, since an attacker typically wouldn't be able to get these push notifications without having an already logged-in device, thus requiring physical access to your device. However, they can be easy to click through and accept accidentally, and are typically sent to *all* your devices at once, widening the availability of the 2FA code if you have many devices. This solution is also generally a proprietary solution, so you are reliant on the company you have an account with to implement their custom solution securely rather than implementing an industry standard. Finally, it requires you to keep an app for every login you have on your mobile device, which may or may not be convenient to you.
|
**Push Notifications** take the form of a message being sent to an app on your phone asking you to confirm new account logins. This is a lot better than SMS or Email, since an attacker typically wouldn't be able to get these push notifications without having an already logged-in device, thus requiring physical access to your device. However, they can be easy to click through and accept accidentally, and are typically sent to *all* your devices at once, widening the availability of the 2FA code if you have many devices. This solution is also generally a proprietary solution, so you are reliant on the company you have an account with to implement their custom solution securely rather than implementing an industry standard. Finally, it requires you to keep an app for every login you have on your mobile device, which may or may not be convenient to you.
|
||||||
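Review bot: The first context paragraph of this hunk says the methods are listed "from strongest to weakest" but then names Email or SMS codes first and Hardware Keys last, which is the opposite order according to the comparison right below it (SMS or emailed codes are "better than nothing at all, but only marginally"). Since this commit is a consistency pass, change the wording to "from weakest to strongest" or reverse the list. The same paragraph uses "2FA" while the heading under it reads "MFA Method Comparison"; settling on one term per section would remove that mismatch as well.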
@ -21,9 +20,7 @@ The ultimate form of multi-factor security are **hardware keys**. These are devi
|
|||||||
Ultimately, the best form of two-factor security is the one you will use consistently on every account you have, that doesn't significantly interfere with your life. If you need to log in to an account often or on many devices, a hardware key may prove to be too much of a burden for example.
|
Ultimately, the best form of two-factor security is the one you will use consistently on every account you have, that doesn't significantly interfere with your life. If you need to log in to an account often or on many devices, a hardware key may prove to be too much of a burden for example.
|
||||||
|
|
||||||
## Hardware Security Keys
|
## Hardware Security Keys
|
||||||
|
|
||||||
### YubiKey
|
### YubiKey
|
||||||
|
|
||||||
!!! recommendation
|
!!! recommendation
|
||||||
|
|
||||||
![YubiKeys](/assets/img/multi-factor-authentication/yubikey.png)
|
![YubiKeys](/assets/img/multi-factor-authentication/yubikey.png)
|
||||||
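Review bot: The YubiKey image line at the end of this hunk carries no `{ align=right }` attribute, while the NitroKey, Aegis and Raivo OTP image lines in the other hunks of this file all do. If the YubiKey picture is meant to render full width, a short comment saying so would stop the next consistency pass from "fixing" it; otherwise add the attribute so all four recommendation cards are laid out the same way.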
@ -35,7 +32,6 @@ Ultimately, the best form of two-factor security is the one you will use consist
|
|||||||
[Visit yubico.com](https://www.yubico.com){ .md-button .md-button--primary } [Privacy Policy](https://www.yubico.com/support/terms-conditions/privacy-notice){ .md-button }
|
[Visit yubico.com](https://www.yubico.com){ .md-button .md-button--primary } [Privacy Policy](https://www.yubico.com/support/terms-conditions/privacy-notice){ .md-button }
|
||||||
|
|
||||||
### NitroKey
|
### NitroKey
|
||||||
|
|
||||||
!!! recommendation
|
!!! recommendation
|
||||||
|
|
||||||
![NitroKey](/assets/img/multi-factor-authentication/nitrokey.jpg){ align=right }
|
![NitroKey](/assets/img/multi-factor-authentication/nitrokey.jpg){ align=right }
|
||||||
@ -54,7 +50,6 @@ Ultimately, the best form of two-factor security is the one you will use consist
|
|||||||
Authenticator Apps implement a security standard adopted by the Internet Engineering Task Force (IETF) called **Time-based One-time Passwords**, or **TOTP**. This is a method where websites share a secret with you which is used by your authenticator app to generate a six (usually) digit code based on the current time, which you enter while logging in for the website to check. Typically these codes are regenerated every 30 seconds, and once a new code is generated the old one becomes useless. Even if a hacker gets one six-digit code, there is no way for them to reverse that code to get the original secret, or otherwise be able to predict what any future codes might be.
|
Authenticator Apps implement a security standard adopted by the Internet Engineering Task Force (IETF) called **Time-based One-time Passwords**, or **TOTP**. This is a method where websites share a secret with you which is used by your authenticator app to generate a six (usually) digit code based on the current time, which you enter while logging in for the website to check. Typically these codes are regenerated every 30 seconds, and once a new code is generated the old one becomes useless. Even if a hacker gets one six-digit code, there is no way for them to reverse that code to get the original secret, or otherwise be able to predict what any future codes might be.
|
||||||
|
|
||||||
### Aegis Authenticator
|
### Aegis Authenticator
|
||||||
|
|
||||||
!!! recommendation
|
!!! recommendation
|
||||||
|
|
||||||
![Aegis logo](/assets/img/multi-factor-authentication/aegis.png){ align=right }
|
![Aegis logo](/assets/img/multi-factor-authentication/aegis.png){ align=right }
|
||||||
@ -64,19 +59,19 @@ Authenticator Apps implement a security standard adopted by the Internet Enginee
|
|||||||
[Visit getaegis.app](https://getaegis.app){ .md-button .md-button--primary }
|
[Visit getaegis.app](https://getaegis.app){ .md-button .md-button--primary }
|
||||||
|
|
||||||
**Downloads:**
|
**Downloads:**
|
||||||
- [:pg-f-droid: F-Droid](https://f-droid.org/en/packages/com.beemdevelopment.aegis)
|
|
||||||
- [:fontawesome-brands-google-play: Google Play](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis)
|
- [:fontawesome-brands-google-play: Google Play](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis)
|
||||||
|
- [:pg-f-droid: F-Droid](https://f-droid.org/en/packages/com.beemdevelopment.aegis)
|
||||||
- [:fontawesome-brands-github: GitHub](https://github.com/beemdevelopment/Aegis)
|
- [:fontawesome-brands-github: GitHub](https://github.com/beemdevelopment/Aegis)
|
||||||
|
|
||||||
### Raivo OTP
|
### Raivo OTP
|
||||||
|
|
||||||
!!! recommendation
|
!!! recommendation
|
||||||
|
|
||||||
![Raivo OTP logo](/assets/img/multi-factor-authentication/ravio-otp.png){ align=right }
|
![Raivo OTP logo](/assets/img/multi-factor-authentication/raivo-otp.png){ align=right }
|
||||||
|
|
||||||
**Raivo OTP** is a native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client built for iOS.
|
**Raivo OTP** is a native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client built for iOS.
|
||||||
|
|
||||||
[Visit website](https://github.com/raivo-otp/ios-application){ .md-button .md-button--primary }
|
[Visit github.com](https://github.com/raivo-otp/ios-application){ .md-button .md-button--primary }
|
||||||
|
|
||||||
**Downloads:**
|
**Downloads:**
|
||||||
- [:fontawesome-brands-app-store-ios: App Store](https://apps.apple.com/us/app/raivo-otp/id1459042137)
|
- [:fontawesome-brands-app-store-ios: App Store](https://apps.apple.com/us/app/raivo-otp/id1459042137)
|
||||||
|
- [:fontawesome-brands-github: GitHub](https://github.com/raivo-otp/ios-application)
|
||||||
|
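Review bot: The path fix on the Raivo OTP logo line (`ravio-otp.png` to `raivo-otp.png`) only repairs the icon if the file under /assets/img/multi-factor-authentication/ actually has the corrected name, and the hunks shown here touch only the Markdown; confirm the asset is renamed in this commit or already exists as `raivo-otp.png`. Separately, the primary button now reads "Visit github.com" and the newly added GitHub entry under Downloads points at the same URL, https://github.com/raivo-otp/ios-application, so the card has two links to one destination. In the Aegis card the button goes to getaegis.app and only the Downloads entry goes to the repository; for Raivo, keeping the button and dropping the duplicate Downloads entry (or the reverse) would be cleaner.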