Mastouille

1 message1 participant0 message aujourd’hui

LemonLDAP::NG🍋 LemonLDAP::NG 2.21.2 is out!🔗 Read our release notes: <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-2-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-2-is-out/</a><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ow2</a> <a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CAS</a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAML</a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenIDConnect</a> <a href="https://fosstodon.org/tags/OW2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OW2</a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldap</a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldapng</a> <a href="https://fosstodon.org/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://fosstodon.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://fosstodon.org/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://fosstodon.org/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSSO</a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a> <a href="https://fosstodon.org/tags/LogicielLibre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LogicielLibre</a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Perl</a>

LemonLDAP::NG🍋 LemonLDAP::NG 2.21.1 is out!🔗 Read our release notes: <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-1-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-1-is-out/</a><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ow2</a> <a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CAS</a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAML</a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenIDConnect</a> <a href="https://fosstodon.org/tags/OW2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OW2</a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldap</a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldapng</a> <a href="https://fosstodon.org/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://fosstodon.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://fosstodon.org/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://fosstodon.org/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSSO</a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a> <a href="https://fosstodon.org/tags/LogicielLibre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LogicielLibre</a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Perl</a>

xoron :verified:React-like functional webcomponents, but with vanilla HTML, JS and CSSIntroducing Dim – a new <a href="https://infosec.exchange/tags/Framework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Framework</a> that brings <a href="https://infosec.exchange/tags/ReactJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReactJS</a>-like functional <a href="https://infosec.exchange/tags/JSX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JSX</a>-syntax with <a href="https://infosec.exchange/tags/VanillaJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VanillaJS</a>. Check it out here: 🔗 Project: <a href="https://github.com/positive-intentions/dim" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/positive-intentions/dim</a> 🔗 Website: <a href="https://dim.positive-intentions.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://dim.positive-intentions.com</a>My journey with <a href="https://infosec.exchange/tags/WebComponents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebComponents</a> started with Lit, and while I appreciated its native browser support (less <a href="https://infosec.exchange/tags/Tooling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tooling</a>!), coming from <a href="https://infosec.exchange/tags/ReactJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReactJS</a>, the class components felt like a step backward. The <a href="https://infosec.exchange/tags/FunctionalProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FunctionalProgramming</a> approach in React significantly improved my <a href="https://infosec.exchange/tags/DeveloperExperience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DeveloperExperience</a> and debugging flow.So, I set out to build a thin, functional wrapper around <a href="https://infosec.exchange/tags/Lit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lit</a>, and Dim is the result! It's a <a href="https://infosec.exchange/tags/ProofOfConcept" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ProofOfConcept</a> right now, with "main" <a href="https://infosec.exchange/tags/Hooks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hooks</a> similar to React, plus some custom ones like useStore for <a href="https://infosec.exchange/tags/EncryptionAtRest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EncryptionAtRest</a>. (Note: <a href="https://infosec.exchange/tags/StateManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#StateManagement</a> for encryption-at-rest is still unstable and currently uses a hardcoded password while I explore <a href="https://infosec.exchange/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> options like <a href="https://infosec.exchange/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a>/#Passkeys).You can dive deeper into the <a href="https://infosec.exchange/tags/Documentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Documentation</a> and see how it works here: 📚 Dim Docs: <a href="https://positive-intentions.com/docs/category/dim" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://positive-intentions.com/docs/category/dim</a>This <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> project is still in its early stages and very <a href="https://infosec.exchange/tags/Unstable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Unstable</a>, so expect <a href="https://infosec.exchange/tags/BreakingChanges" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BreakingChanges</a>. I've already received valuable <a href="https://infosec.exchange/tags/Feedback" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Feedback</a> on some functions regarding <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a>, and I'm actively investigating those. I'm genuinely open to all feedback as I continue to develop it!<a href="https://infosec.exchange/tags/FrontendDev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FrontendDev</a> <a href="https://infosec.exchange/tags/JSFramework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JSFramework</a> <a href="https://infosec.exchange/tags/Innovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Innovation</a> <a href="https://infosec.exchange/tags/Coding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Coding</a> <a href="https://infosec.exchange/tags/Programmer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Programmer</a> <a href="https://infosec.exchange/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tech</a>

Xavier «X» Santolaria :verified_paw: :donor:📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> list of resources for week #18/2025 is out!It includes the following and much more:🇫🇷 🇷🇺 France has linked Russian APT to 12 <a href="https://infosec.exchange/tags/cyberattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberattacks</a> on French Orgs.; 🇺🇸 Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation;🐛 🍎 <a href="https://infosec.exchange/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerabilities</a> in Apple's <a href="https://infosec.exchange/tags/AirPlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AirPlay</a> Protocol;🚉 New York's Metropolitan Transportation Authority plans to use <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> and cameras to detect potential subway crimes before they happen;🇨🇳 <a href="https://infosec.exchange/@SentinelOne" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@SentinelOne</a> Targeted by Chinese <a href="https://infosec.exchange/tags/PurpleHaze" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PurpleHaze</a> Group;🔐 <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> sets all new accounts <a href="https://infosec.exchange/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> by default;🇺🇸 💸 The <a href="https://infosec.exchange/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trump</a> administration plans to cut $491 million from <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a>'s budget;Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecMASHUP</a> newsletter to have it piping hot in your inbox every week-end ⬇️<a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2025</a>

The New Oil<a href="https://mastodon.thenewoil.org/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> Makes New Accounts <a href="https://mastodon.thenewoil.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> by Default<a href="https://it.slashdot.org/story/25/05/01/2354218/microsoft-makes-new-accounts-passwordless-by-default" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://it.slashdot.org/story/25/05/01/2354218/microsoft-makes-new-accounts-passwordless-by-default</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

🔘 G◍M◍◍T 🔘💡 Microsoft: nuovi account senza password e con passkey di default<a href="https://gomoot.com/microsoft-nuovi-account-senza-password-e-con-passkey-di-default/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gomoot.com/microsoft-nuovi-account-senza-password-e-con-passkey-di-default/</a><a href="https://mastodon.uno/tags/blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blog</a> <a href="https://mastodon.uno/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fido</a> <a href="https://mastodon.uno/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fido2</a> <a href="https://mastodon.uno/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://mastodon.uno/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.uno/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#password</a> <a href="https://mastodon.uno/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> <a href="https://mastodon.uno/tags/picks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#picks</a> <a href="https://mastodon.uno/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.uno/tags/tecnologia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tecnologia</a> <a href="https://mastodon.uno/tags/windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#windows</a>

LemonLDAP::NG🍋 LemonLDAP::NG 2.21 is out!📃 This new release includes improvements on OpenID Connect and CAS protocols, Loki logger, public notifications and much more.🔗 Read our release notes: <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/</a><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ow2</a> <a href="https://mastodon.social/@worteks_com" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@worteks_com</a> <a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CAS</a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAML</a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenIDConnect</a> <a href="https://fosstodon.org/tags/OW2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OW2</a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldap</a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldapng</a> <a href="https://fosstodon.org/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://fosstodon.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://fosstodon.org/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://fosstodon.org/tags/Loki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Loki</a> <a href="https://fosstodon.org/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSSO</a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a> <a href="https://fosstodon.org/tags/LogicielLibre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LogicielLibre</a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Perl</a>

Worteks🎙️ Nous avons eu le plaisir de participer aujourd'hui à l'enregistrement d'un épisode du Podcast "Tout est sous CTRL" produit par nos amis de Centreon.Interviewé par Vincent Untz , <a href="https://framapiaf.org/@clementoudot" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@clementoudot</a> est venu parler de gestion des identités et des accès (IAM), d'authentification mutli-facteurs (2FA/MFA) et de PasswordLess, mais surtout d'Open Source !<a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ow2</a> <a href="https://mastodon.social/@opensource_experts" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@opensource_experts</a> <a href="https://mastodon.social/@fsfe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fsfe</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://mastodon.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a> <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#2FA</a> <a href="https://mastodon.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MFA</a> <a href="https://mastodon.social/tags/PasswordLess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PasswordLess</a> <a href="https://mastodon.social/tags/IGA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IGA</a> <a href="https://mastodon.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LDAP</a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://mastodon.social/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSSO</a> <a href="https://mastodon.social/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAML</a> <a href="https://mastodon.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenIDConnect</a>

:rebel:is there an open source, self-hosted <a href="https://disobey.net/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> solution that allows <a href="https://disobey.net/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> 1FAI want to use a YubiKey as the first and only authenticator (<a href="https://disobey.net/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a>)- Authelia does not permit a first factor other than user/pass - it looks like Janssen is the same wayEDITit looks like KeyCloak is an option: <a href="https://refactorfirst.com/setup-fido2-passwordless-authentication-with-keycloak" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://refactorfirst.com/setup-fido2-passwordless-authentication-with-keycloak</a>and Authentik: <a href="https://docs.goauthentik.io/docs/add-secure-apps/flows-stages/stages/password/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://docs.goauthentik.io/docs/add-secure-apps/flows-stages/stages/password/</a>

Quentin DemouliereAuthentification forte à l'aide des passkeys et du protocole FIDO 2 WebAuthn. <a href="https://quentin.demouliere.eu/securite/2024/12/10/passkeys.html" rel="nofollow noopener noreferrer" target="_blank">https://quentin.demouliere.eu/securite/2024/12/10/passkeys.html</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/passwordless" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/fido2" rel="nofollow noopener noreferrer" target="_blank">#fido2</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/cybersecurity" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/bitwarden" rel="nofollow noopener noreferrer" target="_blank">#bitwarden</a>

Quentin DemouliereJ'ai le plaisir de partager avec vous la publication d'un nouvel article sur mon blog concernant l'utilisation d'une <a class="hashtag" href="https://wall.demouliere.eu/tag/yubikey" rel="nofollow noopener noreferrer" target="_blank">#yubikey</a> 5 lors du déchiffrement de mon disque dur avec <a class="hashtag" href="https://wall.demouliere.eu/tag/luks" rel="nofollow noopener noreferrer" target="_blank">#luks</a> au démarrage de ma <a class="hashtag" href="https://wall.demouliere.eu/tag/kali" rel="nofollow noopener noreferrer" target="_blank">#kali</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/linux" rel="nofollow noopener noreferrer" target="_blank">#linux</a>. <a href="https://quentin.demouliere.eu/sysadmin/2024/12/04/luks-yubi.html" rel="nofollow noopener noreferrer" target="_blank">https://quentin.demouliere.eu/sysadmin/2024/12/04/luks-yubi.html</a> Jusqu'à présent, je devais saisir une passphrase pour procéder au déchiffrement. Avec la yubikey, une fois insérée dans le port USB, le déchiffrement se fait en mode <a class="hashtag" href="https://wall.demouliere.eu/tag/passwordless" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a>. Bonne découverte à toutes et tous et n'hésitez pas à commenter, partager et me faire un retour. <a class="hashtag" href="https://wall.demouliere.eu/tag/sysadmin" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/linux" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/mfa" rel="nofollow noopener noreferrer" target="_blank">#mfa</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/1fa" rel="nofollow noopener noreferrer" target="_blank">#1fa</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/luks" rel="nofollow noopener noreferrer" target="_blank">#luks</a> <a class="hashtag" href="https://wall.demouliere.eu/tag/cyber" rel="nofollow noopener noreferrer" target="_blank">#cyber</a>

benzogaga33 :verified:Pourquoi est-il si difficile de passer à une authentification sans mot de passe ? <a href="https://www.it-connect.fr/pourquoi-est-il-si-difficile-de-passer-a-une-authentification-sans-mot-de-passe/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.it-connect.fr/pourquoi-est-il-si-difficile-de-passer-a-une-authentification-sans-mot-de-passe/</a> <a href="https://mamot.fr/tags/ActuCybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ActuCybersécurité</a> <a href="https://mamot.fr/tags/Cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersécurité</a> <a href="https://mamot.fr/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://mamot.fr/tags/Motdepasse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Motdepasse</a>

Manuel BisseyThe <a href="https://cyberplace.social/tags/FIDO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO</a> Alliance is working to make passkeys more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the <a href="https://cyberplace.social/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> sign-in method 🛡️🔐<a href="https://thehackernews.com/2024/10/fido-alliance-drafts-new-protocol-to.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thehackernews.com/2024/10/fido-alliance-drafts-new-protocol-to.html</a>

LemonLDAP::NG🍋 LemonLDAP::NG 2.20 is out!📃 This new release includes brand new features like FIDO2 PasswordLess (PassKeys), events management and Google reCaptcha.🔗 Read more on <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-20-0-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-20-0-is-out/</a><a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CAS</a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAML</a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenIDConnect</a> <a href="https://fosstodon.org/tags/OW2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OW2</a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldap</a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lemonldapng</a> <a href="https://fosstodon.org/tags/Captcha" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Captcha</a> <a href="https://fosstodon.org/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://fosstodon.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://fosstodon.org/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ow2</a> <a href="https://mastodon.social/@worteks_com" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@worteks_com</a>

Victoria (K8VSY) (she/her)What does your password manager set up look like?<a href="https://mastodon.radio/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#password</a> <a href="https://mastodon.radio/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwords</a> <a href="https://mastodon.radio/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.radio/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordmanager</a> <a href="https://mastodon.radio/tags/passwordsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordsecurity</a> <a href="https://mastodon.radio/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passkey</a> <a href="https://mastodon.radio/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#2FA</a> <a href="https://mastodon.radio/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MFA</a> <a href="https://mastodon.radio/tags/passwordmanagers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordmanagers</a> <a href="https://mastodon.radio/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> <a href="https://mastodon.radio/tags/Lastpass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lastpass</a> <a href="https://mastodon.radio/tags/Keepass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keepass</a> <a href="https://mastodon.radio/tags/KeepassXC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KeepassXC</a> <a href="https://mastodon.radio/tags/ProtonPass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ProtonPass</a> <a href="https://mastodon.radio/tags/1password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#1password</a> <a href="https://mastodon.radio/tags/bitwarden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bitwarden</a> <a href="https://mastodon.radio/tags/secure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#secure</a> <a href="https://mastodon.radio/tags/securityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityawareness</a> <a href="https://mastodon.radio/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://mastodon.radio/tags/cloudstorage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudstorage</a>

Erik van Straten<a href="https://mastodon.social/@jpsachse" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jpsachse</a> : or when your account gets pwned and the attacker does a better job proving that they are you than you - after all, *they* have access to your account - while you do not.🔸 ANDROID PASSKEY BLACK HOLE *Or* when you press a button "Clear data" (at the bottom of <a href="https://chrome.google.com/sync" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://chrome.google.com/sync</a>) which is accompanied by the text:« This will clear your Chrome data that has been saved in your Google Account. This might clear some data from your devices. »For you to subsequently find out that ALL OF YOUR PASSKEYS on (all of) your Android device(s) are IRRETRIEVABLE GONE (I reported this to Google in June 2023 and published it 6 months later in <a href="https://seclists.org/fulldisclosure/2024/Feb/15" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://seclists.org/fulldisclosure/2024/Feb/15</a>). It's still unfixed.🔸 WHY NO EXPORT AND NO BACKUP W.r.t. being able to export and/or backup all private keys belonging to all of your passkeys: that's a big dilemma (depending on your POV).The main (advertised, not taking into account a possibly desired vendor lock-in) reason is simple: if *you* have direct access to such private keys, *malware* running on your device does too.The compromise is that they are automatically synced to your cloud account, and from there to other devices (of the same brand, provided they run an OS version that's not too old), including a new device if you brick or lose your old device.However, if there's serious malware on your device, then, even if the malware authors cannot steal all of your passkeys (that is, their private keys), then you're toast anyway; a RAT such as AnyDesk may fool you into believing that you're logging in to website A while in fact it's B and they steal it's session cookie - and pwn the webaccount.🔸 SYNCING PRIVATE KEYS BTW it's hardly being discussed, but being able to synchronize secrets between secure hardware enclaves in such a way that *you* are denied access, is quite an achievement (considering that, if you buy a new phone, the only available secrets to the transport system are your definitely weak passcode, and your, potentially weak, cloud password that may be used to encrypt the private keys in transit).I *know* that it's complicated because I accidentally found out around June 2023 that Android can get confused: passkeys *seem* to sync just fine, but passkeys created on phone 1 do not work on phone 2 and vice versa. Somehow the phones had started using *different* encryption keys used to securily synchronize them (I also mentioned that issue in my reports to Google in the summer of 2023, and I mention it in the FD (seclists.org) message).I don't know how Apple syncs secrets in iCloud keychain, and neither whether a situation may exist where passkey's private keys sync but are unusable (like may happen when using Android).🔸 APPLE'S OWN PASSKEY MISERY However, Apple has got their own bunch of problems with passkeys being usable *without* requiring biometrics or a passcode to unlock them from iCloud Keychain, see <a href="https://infosec.exchange/@ErikvanStraten/113050312014160350" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113050312014160350</a> and follow-up (it gets worse every time I look at it) <a href="https://infosec.exchange/@ErikvanStraten/113053761440539290" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113053761440539290</a> (more details in earlier toots in that thread).In short: if you don't use biometrics to unlock your iPhone or iPad (OR you do, but you have -unlikely- disabled a specific configuration setting), then anyone with access to your iDevice in an unlocked condition (*), can sign in to: <a href="https://appleid.apple.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://appleid.apple.com</a> and/or <a href="https://icloud.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://icloud.com</a> WITHOUT entering your passcode (or using biometrics).(*) your child, spouse, someone you don't know (well) who borrows your phone to make a call (because their's battery is dead), NOTABLY including a thief who stole it while you were using it (or saw you type your passcode and can unlock it by themselves: <a href="https://youtu.be/QUYODQB_2wQ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/QUYODQB_2wQ</a>).I'm not sure yet, but this may even render Apple's anti-theft system totally moot.<a href="https://hachyderm.io/@rmondello" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@rmondello</a> <a href="https://iosdev.space/@johnbrayton" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@johnbrayton</a> <a href="https://infosec.exchange/@agl" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@agl</a> <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://infosec.exchange/tags/WontFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WontFix</a> <a href="https://infosec.exchange/tags/FullDisclosure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FullDisclosure</a> <a href="https://infosec.exchange/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppleID</a> <a href="https://infosec.exchange/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iCloud</a> <a href="https://infosec.exchange/tags/1FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#1FA</a> <a href="https://infosec.exchange/tags/0FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#0FA</a> <a href="https://infosec.exchange/tags/0FAIfUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#0FAIfUnlocked</a> <a href="https://infosec.exchange/tags/0FAIfStolenUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#0FAIfStolenUnlocked</a> <a href="https://infosec.exchange/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://infosec.exchange/tags/ItsByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ItsByDesign</a> <a href="https://infosec.exchange/tags/ItsSTUPIDITYByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ItsSTUPIDITYByDesign</a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iCloudKeychain</a> <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apple</a> <a href="https://infosec.exchange/tags/iDevices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iDevices</a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPhone</a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPad</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/GapingSecurityHole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GapingSecurityHole</a> <a href="https://infosec.exchange/tags/Ignorant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ignorant</a> <a href="https://infosec.exchange/tags/Ignorance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ignorance</a> <a href="https://infosec.exchange/tags/Convenience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Convenience</a> <a href="https://infosec.exchange/tags/ConvenienceOverSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ConvenienceOverSecurity</a> <a href="https://infosec.exchange/tags/ConvenienceVsSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ConvenienceVsSecurity</a> <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> <a href="https://infosec.exchange/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkey</a> <a href="https://infosec.exchange/tags/Sync" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sync</a> <a href="https://infosec.exchange/tags/SyncIssues" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SyncIssues</a> <a href="https://infosec.exchange/tags/WSJ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WSJ</a> <a href="https://infosec.exchange/tags/JoannaStern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JoannaStern</a> <a href="https://infosec.exchange/tags/Theft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Theft</a> <a href="https://infosec.exchange/tags/Thief" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Thief</a> <a href="https://infosec.exchange/tags/Thieves" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Thieves</a> <a href="https://infosec.exchange/tags/PhysicalAccess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhysicalAccess</a> <a href="https://infosec.exchange/tags/Biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Biometrics</a> <a href="https://infosec.exchange/tags/TouchID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TouchID</a> <a href="https://infosec.exchange/tags/FaceID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FaceID</a> <a href="https://infosec.exchange/tags/Passcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passcode</a> <a href="https://infosec.exchange/tags/UnlockScreen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnlockScreen</a> <a href="https://infosec.exchange/tags/ScreenUnlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenUnlock</a>

Erik van Straten<a href="https://infosec.exchange/@webhat" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@webhat</a> : Passwordless actually exists on iPhone or iPad under realistic circumstances - that is, not taking into account unlocking the screen (using a PIN, a password or biometrics).Consider the situation when some stranger borrows your iPhone to make a phone call, or you let your child play a game on your iPad: in such cases they may be able to log in as you onto various websites. That is, without knowing your screen unlock code (or somehow being able to simulate your biometrics).On specific websites this even also works when using passkeys (no PIN, password or biometrics is required to use the passkey).It obviously is a vulnerability. But after I filed a bug report in June 2023, Apple denied that it is. And they've not fixed it either.BTW this works (on iPhone or iPad) in Safari, Firefox, Edge and Chrome (except that in Chrome, "passkey without local auth", only works if, in condition 3️⃣ below, only iCloud Keychain is enabled and no other 'optional' password manager - such as KeePassium).The conditions are:1️⃣ The password or passkey is stored in iCloud KeyChain;2️⃣ EITHER: you've NOT configured any biometrics to unlock the screen (meaning that you must use a pincode or a password to unlock the screen - a use case quite common because some people don't like to use, or don't trust, biometrics),OR: (not common, I found it during testing) 'Settings' > 'Touch ID and Passcode': 'Password Autofill' is OFF;3️⃣ In 'Settings' > 'Passwords' > 'Password Options' (all quite common): • 'Autofill Passwords and Passkeys' is ON; • ' iCloud Keychain' is ON; • Optionally another password manager is enabled (in my iPhone 'KeePassium' is ON).4️⃣ Passkeys only: (this is irrelevant for passwords, and applies only to iOS and iPadOS versions that support passkeys): the website you (or the borrower of your iDevice) want to sign in to (using your account) must support "WebAuthn Conditional UI" [1] AND it must specify:     'User Verification': 'Preferred' (the latter value, stupidly, is the WebAuthn default; the other options are 'Discouraged' and 'Required').[1] <a href="https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI</a>In short, "WebAuthn Conditional UI" means that the website ALSO accepts a passkey in case you activate (tap in and see a blinking cursor) the user-ID input field (instead of tapping a button labeled e.g. "Sign in using passkey"). Doing that will invoke iCloud KeyChain and lets you select the right passkey.Two examples (there are more) of such websites (for free testing purposes) are: • <a href="https://passkeys-demo.appspot.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://passkeys-demo.appspot.com</a> • <a href="https://webauthn.io" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://webauthn.io</a>AND, NOTABLY, Apple's production SSO site: https:⧸⧸idmsa.apple.comNote that your browser is redirected to the idmsa site (in order to SSO to Apple) when you open the bugreport that I filed in June 2023: • <a href="https://security.apple.com/signin?path=reports/OE19476493072" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://security.apple.com/signin?path=reports/OE19476493072</a>Here's the recipe for passwords:🔸 Ensure that conditions 1️⃣, 2️⃣ and 3️⃣ mentioned above are met;🔸 Open a website where you have an account with it's credentials saved in iCkoud Keychain. Invoke the log in screen and tap into the user-ID field;🔸Tap the proposed account name. Now iCloud Keychain autofills your user-ID and passwords into the right fields.And the recipe for passkeys: 🔸 Ensure that conditions 1️⃣, 2️⃣, and 3️⃣ mentioned above are met;🔸 Open <a href="https://security.apple.com/signin?path=reports/OE19476493072" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://security.apple.com/signin?path=reports/OE19476493072</a>🔸 A box pops up from the bottom of the screen. Tap the X at the top-right to close it.🔸Tap in the input field "Email or Phone Number", then tap your iCloud ID at the bottom of your screen. Now you will be logged in to Apple without using local auth.Note that you'll probably see a "403 access denied" error, because (although you HAVE logged in) you are not *authorized* to view te bug report.This is passwordless 1FA because the possession of the (unlocked) device suffices.<a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apple</a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iOS</a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPhone</a> <a href="https://infosec.exchange/tags/iPadOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPadOS</a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPad</a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://infosec.exchange/tags/NoLocalAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NoLocalAuth</a> <a href="https://infosec.exchange/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwordless</a> <a href="https://infosec.exchange/tags/Passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwords</a> <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iCloudKeychain</a> <a href="https://infosec.exchange/tags/Borrower" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Borrower</a> <a href="https://infosec.exchange/tags/1FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#1FA</a> <a href="https://infosec.exchange/tags/SomethingYouHave" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SomethingYouHave</a> <a href="https://infosec.exchange/tags/Biometry" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Biometry</a> <a href="https://infosec.exchange/tags/TouchID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TouchID</a> <a href="https://infosec.exchange/tags/FaceID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FaceID</a> <a href="https://infosec.exchange/tags/PassCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PassCode</a> <a href="https://infosec.exchange/tags/ScreenUnlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenUnlock</a> <a href="https://infosec.exchange/tags/UnlockScreen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnlockScreen</a>

partizan :aaawoo: Yesterday I tried to log in into PSN to play some <a class="hashtag" href="https://pl.m0e.space/tag/ghostoftsushima" rel="nofollow noopener noreferrer" target="_blank">#GhostOfTsushima</a> Legends, but my account was deactivated and I needed to reset my password. Instead of the password they offer passkeys nowadays, so I tried it. - I was able to create a passkey on my phone, but when logging in from the PC I cannot use it. Instructions say "scan this QR with your phone", but google tries to search for QR codes on the internet, and Firefox cannot open a link (it's not a link). When trying to find where my generated passkey is (should be in the Google Password Manager), i found nothing. - So, maybe hardware keys are working better? And I created a passkey with my YubiKey dongle. Guess what? I cannot log with it too. Not from mobile nor from PC. At least I know where the key is. Is this the bright <a class="hashtag" href="https://pl.m0e.space/tag/passwordless" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> future everyone talks about? I ended up setting a password, and finally played some Legends.

Mela News :verified:📱💻⌚️ Le Passkey di Google migliorano: un unico login per tutti i tuoi dispositivi. Nessuna password da ricordare <a href="https://mastodon.uno/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> <a href="https://mastodon.uno/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkey</a> <a href="https://mastodon.uno/tags/userfriendly" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#userfriendly</a> <a href="https://mastodon.uno/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a><a href="https://blog.google/technology/safety-security/google-passkeys-update-april-2024/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.google/technology/safety-security/google-passkeys-update-april-2024/</a>

Christian TietzeListening to a <a href="https://mastodon.social/tags/passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordless</a> talk at a local meetup.<a href="https://mastodon.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YubiKey</a> sounds like a cool thing to have for this for device-bound passkeys.But:How does YubiKey earn one’s trust?With everything home-cooked one knows who’s responsible for damage. With 3rd party, you’re still to blame to trust the wrong company :/

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#passwordless