
For CLI there are several scripts that generate the token given the key. I've seen Python and PHP scripts that do so. TOTP is a simple thing, basically they concatenate the key with the current timestamp rounded down to half minute, take a hash and truncate to the last n digits. It's useful because if you reuse passwords and one service leaks them, an attacker cannot access other services that use the same password. You should never reuse passwords and use a password manager, but it's another security factor. A hardware key is better but OTP is free.

KeePassXC is a good password manager, and Bitwarden has a free option too.

On Sun, Oct 27, 2024, 11:37 Scott Allen via talk <talk@gtalug.org> wrote:
On Sun, 27 Oct 2024 at 10:10, Alvin Starr via talk <talk@gtalug.org> wrote:
On FIDO keys. Is the Google Titan a completely standalone device with a documented interface? For anybody in the know, are the Yubikey products standalone or tied to a service/proprietary interface?
Both are standalone and use the FIDO interface/standard. Some products from Yubikey support other protocols, as well.
There are also other manufacturers of FIDO compatible keys. Google Titan keys (at least my older models) are actually made by Feitian Technologies. https://ftsafe.us/
Also, I have a Ledger Nano hardware cryptocurrency wallet. One of the apps available for it makes it behave as a FIDO key. https://shop.ledger.com/pages/hardware-wallet
I like the idea of a password manager but would like something that is Open Source and deployable directly on my system.
KeePassXC is open source and there appear to be native compiles for many Linux distributions. I use the PPA for my Ubuntu systems.
-- Scott