[liberationtech] Time validation for 2-step verification codes
The Doctor
drwho at virtadpt.net
Wed Aug 27 13:48:46 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 08/27/2014 10:08 AM, Nadim Kobeissi wrote:
> 2. Your journalist friends would be very well-advised to use an app
> [2] instead of SMS codes. By using an authenticator app, they will
> be able to obtain codes without using SMS and even with their phone
> completely not connected to a network.
Authenticator software can also be run on isolated machines and still
be useful. I've been playing around with this a little in my spare
time while developing OPSEC strategy:
https://github.com/gbraad/html5-google-authenticator
- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"THAT. WON'T. WORK. EITHER."
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJT/kQuAAoJED1np1pUQ8RkcacP/j6MaviVyW6YEoRjDKORbY77
wLoxfSD1pp3BSMQML1QBK/HTP66oB8CMga4FdeJbAHU5z8cSyhaohRO/BNSnPqo+
XYiPu83Cku/O0GsSa0bb/Ps+kFfM+PGxutjN1Ne4eLP0nuXEJW2syFnjp6C4L90N
4jf8oMV1cLJZ1ZlRqAoYDmDxD4axIEAl/vffNgxpX4LyrJs9TJ2u4grvrpo/OLvv
tjHFUae4HlImkNn0nOoIFgF2XaWp4yvIeF12QSLMigXnsdMzufqpXGSemPHdj15S
Pa/ICckNvA/8z7Z41lpPTmn3VMyQMoYvJnIei7qVwEVc5tVknK12nJWWnaS/4yXq
+HCyrNgmTXf9uz6CVyq2J54xj7i0vN18pP1fWVKOZ7eNVE4D4mUwChNpZiBuL2J+
erz7PgXm5eB3d24xTbCiGUgmaE40oo/heE0qSHQoMKbdjCMcpYIKlOq5mxr7MZg/
ZhV+daLrXXR7T57+nZk4fEDbbEbVUapUYi70e5dlnATxuirIz6yk4+ZkbQ3+uuUW
WIEJaKG6/aeVuJ5Obuf+F4YrcZ4mSSwuW8TOmPrPRw9wQaYfHy9JQpvvDYSuU9fF
xnnhfcz8sC4wjyOizapXc3zf+hYVWQ8LsUs0I38Bo0ktStcytddJC172hg3fc+YP
/zk8mNqZDRErDLmB2iol
=otcB
-----END PGP SIGNATURE-----
More information about the liberationtech
mailing list