Differences

This shows you the differences between two versions of the page.

--- security:authentication [2016/07/05 13:11] – cedric
+++ security:authentication [2016/07/06 08:16] (current) – cedric
@@ Line 7: / Line 7: @@
 Do not store passwords in the browser or on Internet.
-''pass'' can also generate passwords with ''pwgen''.
+''pass'' can also generate passwords (with ''pwgen''). Do not hesitate to generate strong passwords for each services you are using, since you won't need to remember them.
+With ''pass'' the passwords store can be a git repository, consequently it is possible synchronizes your passwords between different computers.
 ====== Two Factor Authentication (2FA) ======
-  * SMS;
+Different methods:
-  * application on your smarthpone or watch;
+  * One Time Password (OTP): by SMS, with Google Authenticator or backup codes;
-  * Google Authenticator;
+  * specific application on your smarthpone or watch;
   * YubiKey (my choice).
-With the YubiKey you will be able to
+With the YubiKey you will be able to:
+  * use the 2FA with services such as Google, GitLab, GitHub, Bitbucket, Dropbox;
-  * to use the 2FA with services such as Google, GitLab, GitHub, Dropbox;
+  * generate One Time Password;
-  * to generate One Time Password (OTP);
+  * unlock your smartphone;
-  * to unlock your smartphone;
+  * upload your GPG private key on it and then for example to protect your passwords store (''pass'' uses [[https://git.zx2c4.com/password-store/about | GPG for the encryption]]).
-  * to upload your GPG private key on it and then protect your passwords store (''pass'' uses GPG for the encryption).