|
You are here |
educatedguesswork.org | ||
| | | | |
kevingimbel.de
|
|
| | | | | A digital garden of sorts; always growing | |
| | | | |
blog.luke.wf
|
|
| | | | | I've been thinking a lot recently about information security and passwords. It's widely agreed that two-factor authentication, which combi... | |
| | | | |
mark-story.com
|
|
| | | | | I have been following the Webauthn standards and browser support since the early days of FIDO compatible keys. I strongly believe that hardware keys are our best path forward to provide phishing resistant, easy to operate authentication, that doesn't compromise on privacy. | |
| | | | |
rcoh.me
|
|
| | | I always wondered how Google Authenticator style 2-factor codes worked. The process of going from QR code to rotating 6-digit pin seemed a bit magical. A few days ago, my curiosity found itself coupled with some free time. Here's what I found: What's in the QR Code I scanned the QR code from Github with a barcode scanning app. Here's what's inside: otpauth://totp/Github:rcoh?secret=onswg4tforrw6zdf&issuer=Github Not too surprising. It tells us the protocol, TOTP, who is issuing this OTP code (Github), and most importantly the secret:1 | ||