nanog mailing list archives
Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
From: "John Levine" <johnl () iecc com>
Date: 25 Feb 2019 22:13:46 -0500
In article <24679.1551146531 () turing-police cc vt edu> you write:
So what registries/registrars are supporting 2FA that's better than SMS?
Opensrs does TOTP. It's certainly not bulletproof, but it's tied to your actual phone rather than the phone number. (We careful folk put our TOTP keys on a couple of our devices in case the phone dies or gets lost.) It's very easy to implement, it's an IETF open specification, and there are lots of clients that support it. FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard they are to implement.
Current thread:
- Re: A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Sander Steffann (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Owen DeLong (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Rubens Kuhl (Feb 25)
- RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Job Snijders (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Seth Mattinen (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Matthew Petach (Feb 26)
- RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 26)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Saku Ytti (Feb 26)