[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor-Friendly Two-Factor Authentication?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
From: Scott Arciszewski <scott@xxxxxxxxxxxxx>
Date: Sat, 11 Jun 2016 02:51:32 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 11 Jun 2016 02:52:01 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paragonie-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to; bh=MrHP5GTztF71izRbo0DMZicPW5c1h/X4LAHXOPOYujs=; b=tyX3oo06UYXLD7f3ezQozjVIuGAHHHfj5YTDgjEsKv2EztbfTdr+NMyceJl1coo6CA 8ooMEcoCc1ZXFMHzpKK8Y30/aadCGtohXlAMDHmcO9+6I2Ny0ow0/92kvS+kjvQoR0NB aVuhJ4b7WpkxRnqCBFxWmqwq1XMlwf5olQSsL/boPLR90JDRpTimg2pkNVqPrwNPo0kp b+3CMHlD+5XjVbKPhfOoH53M41ZJgweVKqWrcMfws9QtUk273rvgHFKLtjR3QX15UMTA sShUgh7XbprYE5zDUcD8yxG79Vd8sxEsYznOjYD9UOpeuk1Ib2Ejn3B4pOWZrGjVmfJQ uLQA==
In-reply-to: <CAB7TAM=e-zdUFJdV8T3YJ-t6VQKKx8fTr_GqU9VTDQitjG+aLQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKws9z2UxNK0z9aKRSEoZLjYLj+mqCkgVOk9YN8Wa4Dgpk5gQg@xxxxxxxxxxxxxx> <CAB7TAM=e-zdUFJdV8T3YJ-t6VQKKx8fTr_GqU9VTDQitjG+aLQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Fri, Jun 10, 2016 at 10:13 PM, Allen <allenpmd@xxxxxxxxx> wrote:

> On Fri, Jun 10, 2016 at 9:58 PM, Scott Arciszewski <scott@xxxxxxxxxxxxx>
> wrote:
>
> > * FIDO U2F requires users to purchase separate hardware devices which,
> > while cheap, aren't already in the arsenal of most netizens
> >
>
> How about developing a simple 2FA app for a smartphone?  Maybe a smartphone
> could emulate a FIDO U2F?  Alternately, I remember some of the first 2FA
> devices were fobs that displayed a 6 digit code that changed every 15
> seconds or so, based a pseudorandom generator that had a secret seed value
> that was known by the server.  A simple smartphone app design might be to
> give the user a pseudorandom seed when they create their account, the user
> inputs the seed into the app on their phone, and then when they want to
> login they have to enter a 6-8 digit code displayed by their smartphone
> app.  Maybe some apps like that already exist...
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>

âSince I sent my email â
âI've been
âinformed that Google Authenticator doesn't require âa Google account. It
should be universal (RFC 4226 and/or 6238)
.

âIf I encounter any difficulties, I'll revisit this thread (possibly with a
vendor-neutral implementation if it proves annoying enough).â


Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com/>â
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor-Friendly Two-Factor Authentication?
  - From: Scott Arciszewski
- Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
  - From: Allen

Prev by Author: [tor-talk] Tor-Friendly Two-Factor Authentication?
Next by Author: Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
Previous by thread: Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
Next by thread: Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
Index(es):
- Author
- Thread