nanog mailing list archives
Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
From: Rubens Kuhl <rubensk () gmail com>
Date: Tue, 26 Feb 2019 00:20:10 -0300
On Tue, Feb 26, 2019 at 12:14 AM John Levine <johnl () iecc com> wrote:
In article <24679.1551146531 () turing-police cc vt edu> you write:So what registries/registrars are supporting 2FA that's better than SMS?Opensrs does TOTP. It's certainly not bulletproof, but it's tied to your actual phone rather than the phone number. (We careful folk put our TOTP keys on a couple of our devices in case the phone dies or gets lost.) It's very easy to implement, it's an IETF open specification, and there are lots of clients that support it. FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard they are to implement.
https://twofactorauth.org/#domains gives a good view of the domain management landscape regarding 2FA. Rubens
Current thread:
- Re: A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Sander Steffann (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Owen DeLong (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Rubens Kuhl (Feb 25)
- RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Job Snijders (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Seth Mattinen (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Matthew Petach (Feb 26)
- RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 26)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 26)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Saku Ytti (Feb 26)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Tony Finch (Feb 26)