... | ... | @@ -28,10 +28,20 @@ Rica in April 2023. |
|
|
and that "yubi" is the Japanese word for finger." ([Wikipedia](https://en.wikipedia.org/wiki/YubiKey#History),
|
|
|
[source](https://www.yubico.com/about/about-us/))
|
|
|
* what is 2FA? two-factor authentication
|
|
|
* why do we need 2FA? to make hacking your account more difficult,
|
|
|
and because people are not great at remembering good
|
|
|
passwords. also, it's required by GitHub and our Nextcloud instance
|
|
|
* why do we need a Yubikey? it's better than typical 2FA
|
|
|
* why do we need 2FA?
|
|
|
|
|
|
* to make hacking your account more difficult,
|
|
|
* ... and because people are not great at remembering good
|
|
|
passwords
|
|
|
* it's required by GitHub and our Nextcloud instance
|
|
|
|
|
|
* why do we need a Yubikey? it's better than typical 2FA, it can
|
|
|
protect against:
|
|
|
* phishing attacks (and say why)
|
|
|
* shoulder surfing and surveillance cameras
|
|
|
* it cannot protect against:
|
|
|
* malware on your computer (as they can control the YubiKey or
|
|
|
steal your session cookie)
|
|
|
* what are we going to do today? 2FA only
|
|
|
|
|
|
"There's all sorts of pitfalls and challenges in deploying 2FA and
|
... | ... | |