General > General Technical Chat

How to bypass GitHub's new 'Enable two-factor authentication'.

<< < (8/14) > >>

bitwelder:

--- Quote from: Shonky on August 16, 2023, 09:20:34 pm ---Password managers like Bitwarden can save the TOTP secret as well as have notes for the recovery keys.

--- End quote ---
Although, one should consider that this way is keeping all secrets in one basket: if the key to open the password manager is not strong enough or not kept safely enough, one would lose at the same time all the passwords AND all the TOTPs. So much for two-factors.

Shonky:

--- Quote from: bitwelder on August 17, 2023, 11:35:01 am ---
--- Quote from: Shonky on August 16, 2023, 09:20:34 pm ---Password managers like Bitwarden can save the TOTP secret as well as have notes for the recovery keys.

--- End quote ---
Although, one should consider that this way is keeping all secrets in one basket: if the key to open the password manager is not strong enough or not kept safely enough, one would lose at the same time all the passwords AND all the TOTPs. So much for two-factors.

--- End quote ---
Absolutely true it does somewhat make it no longer 2 factor.

You can add 2 factor authentication on unlocking the password store if you wish via email, TOTP and a couple of other methods.

bingo600:

--- Quote from: madires on August 17, 2023, 08:37:56 am ---TOTP suggestions for linux users:
- otpclient (small and nifty TOTP tool)
- keepassxc (PW manager, TOTP hidden in the right-click-menu for entries)

--- End quote ---

THANX !!  :-+

I just set github OTP w. keepassxc (linux mint)
I didn't even have to use the QR Code , just click on the "Skip" URL , and it'll show you the github TOTP Seed.

"Right click" on your keepassxc github entry, select TOTP , select Setup.
Paste the TOTP seed , let rest be default ... Done

github login
login as usual , user + pass
right click github entry in keepassxc , select TOTP , select Copy TOTP   (Or just hilight the github entry and press CTRL+T)
Paste it in github 2FA "Box"

Edit: You'll find the TOTP (2FA) stuff @github , under "profile -->password"

/Bingo

PlainName:

--- Quote ---right click github entry in keepassxc , select TOTP , select Copy TOTP   (Or just hilight the github entry and press CTRL+T)
Paste it in github 2FA "Box"

--- End quote ---

That's my problem with this stuff - it's a road bump (and not a small one). For most places I just go there and I'm in. If I had to manually log into everything every time I'd go mad with the amount of stuff that would involve, and most 2FA is exactly that kind of pissing about. (And you're stuffed if you're not at your PC because you cannot remember or otherwise access the 2FA key).

If we were talking about access to Microsoft's internals it would be fair enough, but it's our data and if someone nicks it or corrupts it it's our fault and our tears. Not theirs. I agree with the previously stated viewpoint that when it comes to our stuff it should be our choice. We are grown people who know the risks and can deal with them appropriately (and if we can't then it's our tough shit, that's all).

abeyer:
Sometimes I read this forum and just shake my head in regret that I didn't take up haberdashery and buy an industrial scale supply of tin foil.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

There was an error while thanking
Thanking...
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod