Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2024-10-01 01:35:57 -04:00
Code Issues Packages Projects Releases Wiki Activity

Use "set up" instead of "setup" (#1079)

Browse Source 
Co-Authored-By: taivlam <47955724+taivlam@users.noreply.github.com>
This commit is contained in:
Jonah Aragon 2022-04-22 19:43:27 -05:00
parent e1e18378ed
commit ac8b551d4a
No known key found for this signature in database
GPG Key ID: E147BA439A59846D
3 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/security/multi-factor-authentication.en.md
View File

@ -96,7 +96,7 @@ If a website or service supports WebAuthn for the authentication, it is highly r
We have these general recommendations:
### Which method should I use?
### Which Method Should I Use?
When configuring your MFA method, keep in mind that it is only as secure as your weakest authentication method you use. This means it is important that you only use the best MFA method available. For instance, if you are already using TOTP, you should disable email and SMS MFA. If you are already using FIDO2/WebAuthn, you should not be using Yubico OTP or TOTP on your account.
@ -106,7 +106,7 @@ You should always have backups for your MFA method. Hardware security keys can g
When using TOTP with an authenticator app, be sure to back up your recovery keys or the app itself, or copy the "shared secrets" to another instance of the app on a different phone or to an encrypted container (e.g [VeraCrypt](../encryption.md#veracrypt)).
### Initial setup
### Initial Set Up
When buying a security key, it is important that you change the default credentials, set up password protection for the key, and enable touch confirmation if your key supports it. Products such as the YubiKey) have multiple interfaces with separate credentials for each one of them, so you should go over each interface and set up protection as well.
@ -118,7 +118,7 @@ If you use SMS MFA, use a carrier who will not switch your phone number to a new
[MFA tools we recommend](../multi-factor-authentication.md){ .md-button }
## More places to setup MFA
## More Places to Set Up MFA
Beyond just securing your website logins, multi-factor authentication can be used to secure your local logins, SSH keys or even password databases as well.
@ -154,7 +154,7 @@ Qubes OS has support for Challenge-Response authentication with YubiKeys. If you
### SSH
#### Hardware security keys
#### Hardware Security Keys
SSH MFA could be set up using multiple different authentication methods that are popular with hardware security keys. We recommend that you check out Yubico's [documentation](https://developers.yubico.com/SSH/) on how to set this up.