Differences

This shows you the differences between two versions of the page.

--- security:authentication [2016/07/05 13:02] – cedric
+++ security:authentication [2016/07/06 08:16] (current) – cedric
@@ Line 7: / Line 7: @@
 Do not store passwords in the browser or on Internet.
-''pass'' can also generate passwords with ''pwgen''.
+''pass'' can also generate passwords (with ''pwgen''). Do not hesitate to generate strong passwords for each services you are using, since you won't need to remember them.
-====== Two Factor Authentication ======
+With ''pass'' the passwords store can be a git repository, consequently it is possible synchronizes your passwords between different computers.
-  * SMS;
+====== Two Factor Authentication (2FA) ======
-  * application on your smarthpone or watch;
-  * Google Authenticator;
+Different methods:
+  * One Time Password (OTP): by SMS, with Google Authenticator or backup codes;
+  * specific application on your smarthpone or watch;
   * YubiKey (my choice).
-The Yubikey is a good choice, you can also upload your GPG private key on it.
+With the YubiKey you will be able to:
+  * use the 2FA with services such as Google, GitLab, GitHub, Bitbucket, Dropbox;
+  * generate One Time Password;
+  * unlock your smartphone;
+  * upload your GPG private key on it and then for example to protect your passwords store (''pass'' uses [[https://git.zx2c4.com/password-store/about | GPG for the encryption]]).