科技回声

7 条评论

nikolay将近 9 年前

Everybody recommending Yubikey: because this [0], use that [1] instead. Amazon uses Gemalto [2] for AWS MFA, but I've had bad experience with it, and cannot recommend it.<p>[0]: <a href="https://plus.google.com/+KonstantinRyabitsev/posts/4a7RNxtt7vy" rel="nofollow">https://plus.google.com/+KonstantinRyabitsev/posts/4a7RNxtt7...</a><p>[1]: <a href="https://www.nitrokey.com/" rel="nofollow">https://www.nitrokey.com/</a><p>[2]: <a href="http://www.gemalto.com/" rel="nofollow">http://www.gemalto.com/</a>

realtarget将近 9 年前

You could use any kind of hardware token like RSA, Fortinet or many other manufactors. The usually offer a software version four your desktop as well. But usually you'll hate this additional piece of crap in your pocket. The combination of something in your mind (password) and something in your hand (smartphone) is the optimal setup. If you have a password or fingerprint to unlock your phone and the token generator app for 2FA it should be enough security.

Relys将近 9 年前

I use the <a href="https://www.yubico.com/products/yubikey-hardware/yubikey-neo/" rel="nofollow">https://www.yubico.com/products/yubikey-hardware/yubikey-neo...</a>.

h4waii将近 9 年前

One option might be something like a Pebble. I use mine for H/TOTP codes just fine => <a href="https://github.com/JumpMaster/QuickAuth" rel="nofollow">https://github.com/JumpMaster/QuickAuth</a>. It's always with you and works completely offline and outside of any service.<p>It still requires your phone to add seeds, but they are generated completely independently once seeded. Just an idea that doesn't require buying specializes single-task hardware.

dpc_pw将近 9 年前

Google: Yubico ; the NFC-enabled version has a Google Authenticator-like app (Yubico Authenticator)

评论 #11782520 未加载

emocin将近 9 年前

Yeah, we use Yubico yubikey nanos at work for ssh 2fa as well as gmail 2fa. It's pretty nice.

评论 #11782709 未加载

mike-cardwell将近 9 年前

I use my Pebble Time smart watch. I press one button on my watch and it instantly displays a list of 2FA codes for a bunch of sites.

7 条评论

nikolay将近 9 年前

realtarget将近 9 年前

Relys将近 9 年前

I use the <a href="https://www.yubico.com/products/yubikey-hardware/yubikey-neo/" rel="nofollow">https://www.yubico.com/products/yubikey-hardware/yubikey-neo...</a>.

h4waii将近 9 年前

dpc_pw将近 9 年前

Google: Yubico ; the NFC-enabled version has a Google Authenticator-like app (Yubico Authenticator)

评论 #11782520 未加载

emocin将近 9 年前

Yeah, we use Yubico yubikey nanos at work for ssh 2fa as well as gmail 2fa. It's pretty nice.

评论 #11782709 未加载

mike-cardwell将近 9 年前

I use my Pebble Time smart watch. I press one button on my watch and it instantly displays a list of 2FA codes for a bunch of sites.

Ask HN: 2FA hardware?

7 条评论

Ask HN: 2FA hardware?

7 条评论