shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

272
active users

#multifactorauthentication

1 post1 participant0 posts today
Marcus "MajorLinux" Summers<p>I guess it's better late than never.</p><p>GOG add support for authenticator apps for two-factor authentication (2FA) </p><p><a href="https://www.gamingonlinux.com/2025/05/gog-add-support-for-authenticator-apps-for-two-factor-authentication-2fa/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">gamingonlinux.com/2025/05/gog-</span><span class="invisible">add-support-for-authenticator-apps-for-two-factor-authentication-2fa/</span></a></p><p><a href="https://toot.majorshouse.com/tags/GOG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GOG</span></a> <a href="https://toot.majorshouse.com/tags/MultiFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiFactorAuthentication</span></a> <a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://toot.majorshouse.com/tags/Gaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gaming</span></a></p>
IT News<p>Why MFA is getting easer to bypass and what to do about it - An entire cottage industry has formed around phishing attacks that bypass ... - <a href="https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2025/</span><span class="invisible">05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/</span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwords</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://schleuss.online/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>⁢ <a href="https://schleuss.online/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a></p>
IT News<p>Google makes it easier for users to switch on advanced account protection - Enlarge (credit: Getty Images) </p><p>Google is making it easier for ... - <a href="https://arstechnica.com/?p=2036985" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2036985</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwords</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>⁢ <a href="https://schleuss.online/tags/google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>google</span></a></p>
IT News<p>Hackers steal “significant volume” of data from hundreds of Snowflake customers - Enlarge (credit: Getty Images) </p><p>As many as 165 customers of clo... - <a href="https://arstechnica.com/?p=2030619" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2030619</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/databreaches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreaches</span></a> <a href="https://schleuss.online/tags/snowflake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>snowflake</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>&amp;it</p>
IT News<p>LastPass users targeted in phishing attacks good enough to trick even the savvy - Enlarge (credit: Getty Images) </p><p>Password-manager LastPass users... - <a href="https://arstechnica.com/?p=2018339" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2018339</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/credentialphishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>credentialphishing</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/lastpass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lastpass</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>&amp;it</p>
IT News<p>Frontegg launches entitlements engine to streamline access authorization - Frontegg’s new entitlement engine will be powered by context-aware logic controls (CALC) ... - <a href="https://www.csoonline.com/article/3697735/frontegg-launches-entitlements-engine-to-streamline-access-authorization.html#tk.rss_all" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">csoonline.com/article/3697735/</span><span class="invisible">frontegg-launches-entitlements-engine-to-streamline-access-authorization.html#tk.rss_all</span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a></p>
Brad Linder<p>Security key maker Yubico is "merging" with a Swedish holding company called ACQ Bure in order to become a publicly traded company. It's unclear what, if any, long term impact this will have on the company's products. <a href="https://www.yubico.com/blog/yubico-is-merging-with-acq-bure/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">yubico.com/blog/yubico-is-merg</span><span class="invisible">ing-with-acq-bure/</span></a> </p><p><a href="https://fosstodon.org/tags/Yubico" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Yubico</span></a> <a href="https://fosstodon.org/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://fosstodon.org/tags/MultiFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiFactorAuthentication</span></a></p>
IT News<p>Still using authenticators for MFA? Software for sale can hack you anyway - Enlarge (credit: Getty Images) </p><p>Microsoft on Tuesday profiled s... - <a href="https://arstechnica.com/?p=1924036" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1924036</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/two" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>two</span></a>-factorauthentication <a href="https://schleuss.online/tags/accounttakeovers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>accounttakeovers</span></a> <a href="https://schleuss.online/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>⁢ <a href="https://schleuss.online/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://schleuss.online/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a></p>
Shane Brennan<p><span class="h-card"><a href="https://shakedown.social/@boelder" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>boelder</span></a></span> I currently use <a href="https://mastodon.social/tags/1password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1password</span></a> with a shared vault in Dropbox. I also use their <a href="https://mastodon.social/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> so I can quickly update my <a href="https://mastodon.social/tags/credentials" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>credentials</span></a> if necessary and stay sync’d. The ability to share specific keys, credentials, etc with my family account as well as a separate corporate account makes it easy to isolate two universes without slowing my day to day actions.</p>
Morten<p>With it being <a href="https://infosec.exchange/tags/BlackFriday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlackFriday</span></a> and all, I hope nobody is caught up in scams or phishing attacks while doing their (frantic!) online <a href="https://infosec.exchange/tags/shopping" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shopping</span></a>.</p><p>Here are a few <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> and <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> tips that I hope will help somebody:</p><p>1) If you have a coupon code, don't follow a provided link to the shopping page. Instead find the page yourself, e.g., via a <a href="https://infosec.exchange/tags/searchengine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>searchengine</span></a>, and then input the coupon code manually.</p><p>2) Access online shops without being logged in, and without any <a href="https://infosec.exchange/tags/cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookies</span></a>, such that the shop cannot set prices according to <a href="https://infosec.exchange/tags/personaldata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personaldata</span></a> or previous purchases (yes, they do that). Except, of course, if the discount is only available when actually having an account. Attempt anonymously first.</p><p>3) An improvement to 2) is accessing online shops via <a href="https://infosec.exchange/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> or similar. </p><p>4) Use a <a href="https://infosec.exchange/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> such that <a href="https://infosec.exchange/tags/ISPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISPs</span></a> and other adversaries cannot obtain or spoof information. It also protects your data, like credit card info, if you are using public a <a href="https://infosec.exchange/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WiFi</span></a> (never do that without VPN).</p><p>5) As corollary to 4) you can even sometimes get discounts by using a different location than your own.</p><p>6) Use a <a href="https://infosec.exchange/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordmanager</span></a> for your credentials such that they can be longer and harder to guess/crack. This also means you don't have to remember (or even know) them by heart.</p><p>7) Setup <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> for your accounts such that, together with 6), it is harder for adversaries to break in and steal data and/or make automated purchases on your behalf if possible. It is highly advisable using an authenticator app instead of code-by-SMS. For further protection, you can even use <a href="https://infosec.exchange/tags/biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biometrics</span></a>, like <a href="https://infosec.exchange/tags/fingerprints" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fingerprints</span></a> or facial scans. And/or a hardware device supporting <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a>/#U2F or similar.</p><p>Note that these tips are applicable also when not shopping, and I would encourage them all.</p><p>Stay safe and have an awesome Friday!</p><p><a href="https://infosec.exchange/tags/mastodontips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodontips</span></a> <a href="https://infosec.exchange/tags/feditips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>feditips</span></a> <a href="https://infosec.exchange/tags/profiling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>profiling</span></a> <a href="https://infosec.exchange/tags/personalidentifyinginformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personalidentifyinginformation</span></a> <a href="https://infosec.exchange/tags/pii" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pii</span></a> <a href="https://infosec.exchange/tags/internetserviceproviders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>internetserviceproviders</span></a> <a href="https://infosec.exchange/tags/tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tor</span></a> <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://infosec.exchange/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://infosec.exchange/tags/twofactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauthentication</span></a> <a href="https://infosec.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a></p>
Jef Kazimer😶‍🌫️<p>With the ever increasing attacks on users, moving to <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> is a must in order to reduce the attack surface of just relying on a password to secure access to resources. Implementing <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> that is enforced all the time relies on also having a good user experience, which gave rise to mobile authenticator apps since many users always have their phones with them. However it also gave rise to <a href="https://infosec.exchange/tags/mfabombing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfabombing</span></a> and griefing to get those users to approve. With the recent GA of <a href="https://infosec.exchange/tags/microsoftauthenticator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microsoftauthenticator</span></a> <a href="https://infosec.exchange/tags/azuread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>azuread</span></a> orgs can enable number match and context for the push notification to further improve the <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> of the users by avoiding the blind approval of a push notification. </p><p>🔥 See the post on the AzureAD blog here and go enable these settings for your organization <a href="https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcommunity.microsoft.com/t5</span><span class="invisible">/microsoft-entra-azure-ad-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673</span></a> <a href="https://infosec.exchange/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microsoft</span></a> <a href="https://infosec.exchange/tags/office365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>office365</span></a> <a href="https://infosec.exchange/tags/o365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>o365</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p>