New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Just look at how Gmail does it. Offline one-time 2FA recovery codes.
There are many other ways...
There's a huge difference between registering a domain and installing an app that can take over your phone. Will you also give them keys to your house, access to your bank accounts, passwords to your linux iso collection? If you don't trust them with all that, why would you ever use their services? Answer: trust is not binary. And if I'm supposed to trust them with their app, will they trust me by releasing the source code? If not, that sounds a little bit one-directional. Thanks but no thanks.
Do you use the same password, or same set of passwords across everything? I have to bring out my phone for almost every website I log into, because I never use the same password. I only remember the ones I log into very frequently. If my phone is out, might as well spend the extra few seconds to open up my TOTP token for 2FA.
Password re-use, and no 2FA is just asking for trouble.
no, i have my own speical algorithm for password memorization
for junk sites that has no relevance to business or finance, i use a password manager
for important sites i use my alogrithm
For things like fingerprints, it might be ok though. Luckily I have 10 fingers so 9 chances of changing it before using them up.
Never heard that one before, but now I'm genuinely curious. Are you using some kind of caesar cipher on a common password, factoring in information about the site? Maybe you can explain it in such a way that doesn't reveal too much, but could be helpful to the community.
You have toes, you know.
Body parts are only good as usernames, not passwords. This is why I hate iPhone's Touch ID so much.
HMAC(master secret, hostname).hexdigest() works for me.
Something like that.
For example sake;
if you use the first letter of the domain name as the base
a-m - you use apple
n-z - you use oranges
then you have your own function category to what the site does
forum, banking, junk, etc
then just generate the password based on your own algorithm.
Or summarized more generally: smartphones, no matter whether apple or android are generally very questionable in terms of security.
As for TOTP which you seem to like, one should know that the security reduction of totp ~ security reduction of hash func, for which usually sha1 is used (which isn't considered secure anymore).
Granted, the problem is old and not exactly pretty,given that Alice and Bob have but one shared secret bitstring, how can some mechanism both a) proof knowledge of the shared secret, and b) do so in a way that Eve can't get at or derive that share secret, and c) not be vulnerable to replay and similar attacks?.
The classical approach which is also use by totp is to use a second, and ever changing, factor that is available to all involved parties. In the case of i.a. totp that second factor is time (well, a somewhat crude and maimed version).
The problem with that is that the second factor is basically a publicly known nonce (that's the purpose of the time factor). That, however, is not really a good solution because it basically comes down to the hashes security (which in the case of sha-1 isn't exactly great).
But again, granted, the problem is an ugly one. I happen to know because I worked on it myself for a client who understood the problem and wanted "a kind of totp but better" (more secure).
In case anyone here is interested: The second problem of totp from a security perspective is a) that the "nonce" is linear, increasing, and in fact predictable [sic], and b) that there isn't just black and white, read, there's not just "Eve does or does not know the shared secret", she may have a part of the shared secret - plus that both factors together make the mechanism even weaker.
Obviously a better solution will use a better (more secure) hash function plus (considerably more difficult and demanding) a public but not linear and not predictable nonce either instead of time or as additional (pre hash) factor.
Excuse me
@All
I'm stupid. What is TOTP?
A One time password token or something?
Time-based one-time-pad algorithm:
https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
Basically you have either a hardware token or a phone app, that shows a 6 digit number associated with the web site, that changes once a minute or so. The server knows how to generate the sequence of numbers but with luck nobody else does (shared secret). When you log in and enter your password, you also get prompted for the (current) 6 digit code and the server checks it.
The idea is that to take over your account, the attacker needs to know your password AND get control of your phone. If they somehow manage to get one of the 6 digit codes, it's only good for a minute, i.e. the persistent reusable secret is hidden inside the phone. Someone is sure to chime in that it's not perfect and that phones are vulnerable, reset mechanisms introduce their own security holes, yada yada. That is all true, but in practice so far, it works fairly well and is much better than doing nothing.
Have been saying it for years but they wouldn't listen. Damn.
Had wikipedia called itself "the funny answers place" more people would go there and look for answers.
"encyclopedia", however, is just too frightening a word and makes people afraid of getting infected with who knows what ugly things. "Darling I would love to have sex, too, but I'm afraid I got infected with encyclopedia! So let's better use a condom and not kiss!"
Facebook ... spamming users via their 2FA numbers
Hahaha!
Wow learn something cool everyday from this place. LET is like school only not 7000 dollars a year.
@bsdguy
A shortname could represent many things. I guess if I put totp algorithm than I might have gotten the correct thing.
I like this algorithm. seems safe to me. Unless the user is infected with spyware, or their is a middleman attack (by somebody not using ssl on their site or something else I did not think of).
Real estates agents have been forced to use 2FA by TOTP for a while now.
When we are talking about this 2fa thing, We got to do it for every login or only when we got to change important things like the email we registered with the service?
Wouldn't it be ok if we were asked to do the totp thing when we must change sensitive security details. I think this would protect against a compromised user unless your server is compromised.
I imagine the first thing an evil hacker tries to do is change security details like password and email so real user can not easily recover it.
One of the things that scares me off is the cost. What's the cheapest practical way for a client to use 2FA? Can I get something for say, $10, per year?
For e-mails, they give you an option like Steam does. It's texted like this. "Remember this device and not request any more code?"
In some cases, that option does not exist and you are forced to do it every time you log in.
OK, you convinced me. Fuck math and years of learning,working and experience in crypto and IT security. "hammer,who just a while ago asked what totp is meaning likes it and feels it to be safe" should be damn convincing enough!
On the client side almost everyone does it with free phone apps now. Google Authenticator is probably the most popular one. Out of general Google allergies I use one from f-droid.org whose name I've forgotten, but it does about the same thing.
So how can we make it more secure? And do you think because of this that companies should just use passwords?
I got no dog in this fight. I am curious and voiced an opinion. I did not intend to convince anyone of anything and I am sorry if that sounded so.
@hammer
I see 2 main ways to make it more secure. a) use a better hash algo than sha-1, and b) way better opsec. In fact, very often the real problems aren't in the algos but in implementation and opsec.
@bsdguy
This has interested me enough to do some searching about cryptography over reading week.
Is knowledge of Differential equations necessary?
Also, are most libraries that produce random numbers (such as one in python and probably their is something for it in php) good enough for use in cryptography?
Also,
Are you talking about the cost for the provider or the client? If it's for the provider on Blesta 2FA is free and on WHMCS it only costs $1.5/month.
For a client the cheaper option would be it's current phone or a yubikey. Sorry if I did not understand your question..
Any of this costs seems cheap for me in terms of price benefit vs security.
Probably not but that's a hard to answer question, for one because not every bit of crypto stuff needs a high end random number generator but also and mainly because there's a big diversity in the prngs the diverse languages offer/use (plus it changes occasionally plus not all implementations are of reasonably good quality). Unfortunately I don't know much about the diverse languages and their prngs because I don't use them (because I always use proper (cs)prngs due to the (shockingly little known) fact that one can very often almost say "crypto is only as good as the prng it uses". I've seen quite some crypto mechanisms that used per se good algos but ended up poor due to ignoring the immense importance of random and using mediocre prngs).
Generally speaking and trying to be on the safe side you want to look at csprngs for security related things but as always actually things are more complex. To name an example, it might be better to use a good quality not-cs prng in some cases because csprngs are dimensionally more expensive in terms of cpu which in itself might open the door to risks sometimes.
Btw, most OSs nowadays offer reasonably good prngs, quite a few of which are csprngs. The problem there is that using them means syscalling which is a major performance issue (and even more so after spectre/meltdown) plus the fact that they often use intel hw prngs as at least one major random source which obviously is a dangerous thing to do. Just have a look at your OS; there might be a pleasant surprise (or a really ugly one).
It can help but it depends on where you're starting and where you want to end up. The no-longer-recent book "The Code Book", by Simon Singh, is imho a good place to start if you want something not too technical that's also not too dumbed down.
That's just the academic or theoretical subject though. Theory teaches how to do things perfectly, which is valuable knowledge, but ignores necessary real-world trade-offs which can be more complicated. E.g. 2FA has been much more successful using phone apps (very convenient and can be downloaded at no cost) than with the earlier clunky hardware tokens that are in principle more secure, but that are too much hassle for most everyday uses.
You should also look at "Security Engineering" by Ross Anderson, about the wider topic of security rather than crypto specficially. The whole book is online as pdf's on the author's site, which you can find with a web search.
So where can I get such a free phone? Like I said $10 per year is ok, but free is better.