The Ghost Operator's Signal
By DeadSwitch
You think you have 2FA?
You think you’re safe because your logins need a second factor?
Then you go and store your TOTP codes in the same password manager that holds your passwords.
You’ve built a fortress. Then you handed the keys and the spare keys to the same person.
Continue reading “Your TOTP is Not a Second Factor :: If You Store It Wrong”
Passwords are like clothes—they need to be rotated and “washed” regularly. Small businesses forget about it, but the Daemon waits for those who neglect the basics.
Small businesses often believe their security is strong enough, yet they leave the most crucial layer—passwords—unprotected, festering like dirty laundry. Passwords are the keys to your kingdom, and like the clothes you wear, they need to be regularly rotated, cleaned, and replaced to stay effective.
Let me whisper the three tiers of Password Hygiene that small businesses can achieve with the help of free and open-source software. No cost. Just the willingness to listen and act.
Implementing robust authentication mechanisms is crucial to safeguard sensitive information. One such method gaining popularity for its effectiveness is Time-based One-Time Passwords (TOTP). In this article, we set up TOTP with OpenSSH, a widely used and versatile protocol for secure remote access. By integrating TOTP into your OpenSSH configuration, you enhance the security of your system by adding an additional layer of authentication, strengthening defenses against unauthorized access and potential cyber threats. Follow along as we guide you through the steps to fortify your OpenSSH environment with TOTP, ensuring a resilient defense against security breaches.
Continue reading “How To Set Up 2FA With TOTP For OpenSSH Servers”
Tom's IT Cafe 