Differences

This shows you the differences between two versions of the page.

--- security:authentication [2016/07/05 11:27] – cedric
+++ security:authentication [2016/07/06 08:16] (current) – cedric
@@ Line 1: / Line 1: @@
-Management of password:
+====== Management of password ======
   * [[https://pwsafe.org | Password Safe]]
-  * [[https://www.passwordstore.org | pass]].
+  * [[https://www.passwordstore.org | pass]] (my choice).
+Do not store passwords in the browser or on Internet.
+''pass'' can also generate passwords (with ''pwgen''). Do not hesitate to generate strong passwords for each services you are using, since you won't need to remember them.
+With ''pass'' the passwords store can be a git repository, consequently it is possible synchronizes your passwords between different computers.
+====== Two Factor Authentication (2FA) ======
+Different methods:
+  * One Time Password (OTP): by SMS, with Google Authenticator or backup codes;
+  * specific application on your smarthpone or watch;
+  * YubiKey (my choice).
+With the YubiKey you will be able to:
+  * use the 2FA with services such as Google, GitLab, GitHub, Bitbucket, Dropbox;
+  * generate One Time Password;
+  * unlock your smartphone;
+  * upload your GPG private key on it and then for example to protect your passwords store (''pass'' uses [[https://git.zx2c4.com/password-store/about | GPG for the encryption]]).