Marcus "MajorLinux" Summers<p>I guess it's better late than never.</p><p>GOG add support for authenticator apps for two-factor authentication (2FA) </p><p><a href="https://www.gamingonlinux.com/2025/05/gog-add-support-for-authenticator-apps-for-two-factor-authentication-2fa/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">gamingonlinux.com/2025/05/gog-</span><span class="invisible">add-support-for-authenticator-apps-for-two-factor-authentication-2fa/</span></a></p><p><a href="https://toot.majorshouse.com/tags/GOG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GOG</span></a> <a href="https://toot.majorshouse.com/tags/MultiFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiFactorAuthentication</span></a> <a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://toot.majorshouse.com/tags/Gaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gaming</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
272active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#multifactorauthentication
1 post · 1 participant · 0 posts today
IT News<p>Why MFA is getting easer to bypass and what to do about it - An entire cottage industry has formed around phishing attacks that bypass ... - <a href="https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2025/</span><span class="invisible">05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/</span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwords</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://schleuss.online/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a> <a href="https://schleuss.online/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a></p>
IT News<p>Google makes it easier for users to switch on advanced account protection - Enlarge (credit: Getty Images) </p><p>Google is making it easier for ... - <a href="https://arstechnica.com/?p=2036985" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2036985</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwords</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a> <a href="https://schleuss.online/tags/google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>google</span></a></p>
IT News<p>Hackers steal “significant volume” of data from hundreds of Snowflake customers - Enlarge (credit: Getty Images) </p><p>As many as 165 customers of clo... - <a href="https://arstechnica.com/?p=2030619" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2030619</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/databreaches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreaches</span></a> <a href="https://schleuss.online/tags/snowflake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>snowflake</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>&it</p>
IT News<p>LastPass users targeted in phishing attacks good enough to trick even the savvy - Enlarge (credit: Getty Images) </p><p>Password-manager LastPass users... - <a href="https://arstechnica.com/?p=2018339" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2018339</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/credentialphishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>credentialphishing</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/lastpass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lastpass</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a>&it</p>
IT News<p>Frontegg launches entitlements engine to streamline access authorization - Frontegg’s new entitlement engine will be powered by context-aware logic controls (CALC) ... - <a href="https://www.csoonline.com/article/3697735/frontegg-launches-entitlements-engine-to-streamline-access-authorization.html#tk.rss_all" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">csoonline.com/article/3697735/</span><span class="invisible">frontegg-launches-entitlements-engine-to-streamline-access-authorization.html#tk.rss_all</span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a></p>
Brad Linder<p>Security key maker Yubico is "merging" with a Swedish holding company called ACQ Bure in order to become a publicly traded company. It's unclear what, if any, long term impact this will have on the company's products. <a href="https://www.yubico.com/blog/yubico-is-merging-with-acq-bure/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">yubico.com/blog/yubico-is-merg</span><span class="invisible">ing-with-acq-bure/</span></a> </p><p><a href="https://fosstodon.org/tags/Yubico" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Yubico</span></a> <a href="https://fosstodon.org/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://fosstodon.org/tags/MultiFactorAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiFactorAuthentication</span></a></p>
IT News<p>Still using authenticators for MFA? Software for sale can hack you anyway - Enlarge (credit: Getty Images) </p><p>Microsoft on Tuesday profiled s... - <a href="https://arstechnica.com/?p=1924036" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1924036</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://schleuss.online/tags/two" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>two</span></a>-factorauthentication <a href="https://schleuss.online/tags/accounttakeovers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>accounttakeovers</span></a> <a href="https://schleuss.online/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biz</span></a> <a href="https://schleuss.online/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://schleuss.online/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfa</span></a></p>
Shane Brennan<p><span class="h-card"><a href="https://shakedown.social/@boelder" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>boelder</span></a></span> I currently use <a href="https://mastodon.social/tags/1password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1password</span></a> with a shared vault in Dropbox. I also use their <a href="https://mastodon.social/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> so I can quickly update my <a href="https://mastodon.social/tags/credentials" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>credentials</span></a> if necessary and stay sync’d. The ability to share specific keys, credentials, etc with my family account as well as a separate corporate account makes it easy to isolate two universes without slowing my day to day actions.</p>
Morten<p>With it being <a href="https://infosec.exchange/tags/BlackFriday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlackFriday</span></a> and all, I hope nobody is caught up in scams or phishing attacks while doing their (frantic!) online <a href="https://infosec.exchange/tags/shopping" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shopping</span></a>.</p><p>Here are a few <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> and <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> tips that I hope will help somebody:</p><p>1) If you have a coupon code, don't follow a provided link to the shopping page. Instead find the page yourself, e.g., via a <a href="https://infosec.exchange/tags/searchengine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>searchengine</span></a>, and then input the coupon code manually.</p><p>2) Access online shops without being logged in, and without any <a href="https://infosec.exchange/tags/cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookies</span></a>, such that the shop cannot set prices according to <a href="https://infosec.exchange/tags/personaldata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personaldata</span></a> or previous purchases (yes, they do that). Except, of course, if the discount is only available when actually having an account. Attempt anonymously first.</p><p>3) An improvement to 2) is accessing online shops via <a href="https://infosec.exchange/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> or similar. </p><p>4) Use a <a href="https://infosec.exchange/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> such that <a href="https://infosec.exchange/tags/ISPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISPs</span></a> and other adversaries cannot obtain or spoof information. It also protects your data, like credit card info, if you are using public a <a href="https://infosec.exchange/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WiFi</span></a> (never do that without VPN).</p><p>5) As corollary to 4) you can even sometimes get discounts by using a different location than your own.</p><p>6) Use a <a href="https://infosec.exchange/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordmanager</span></a> for your credentials such that they can be longer and harder to guess/crack. This also means you don't have to remember (or even know) them by heart.</p><p>7) Setup <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> for your accounts such that, together with 6), it is harder for adversaries to break in and steal data and/or make automated purchases on your behalf if possible. It is highly advisable using an authenticator app instead of code-by-SMS. For further protection, you can even use <a href="https://infosec.exchange/tags/biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>biometrics</span></a>, like <a href="https://infosec.exchange/tags/fingerprints" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fingerprints</span></a> or facial scans. And/or a hardware device supporting <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a>/#U2F or similar.</p><p>Note that these tips are applicable also when not shopping, and I would encourage them all.</p><p>Stay safe and have an awesome Friday!</p><p><a href="https://infosec.exchange/tags/mastodontips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodontips</span></a> <a href="https://infosec.exchange/tags/feditips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>feditips</span></a> <a href="https://infosec.exchange/tags/profiling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>profiling</span></a> <a href="https://infosec.exchange/tags/personalidentifyinginformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>personalidentifyinginformation</span></a> <a href="https://infosec.exchange/tags/pii" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pii</span></a> <a href="https://infosec.exchange/tags/internetserviceproviders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>internetserviceproviders</span></a> <a href="https://infosec.exchange/tags/tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tor</span></a> <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> <a href="https://infosec.exchange/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://infosec.exchange/tags/twofactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twofactorauthentication</span></a> <a href="https://infosec.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a></p>
Jef Kazimer😶🌫️<p>With the ever increasing attacks on users, moving to <a href="https://infosec.exchange/tags/multifactorauthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multifactorauthentication</span></a> is a must in order to reduce the attack surface of just relying on a password to secure access to resources. Implementing <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> that is enforced all the time relies on also having a good user experience, which gave rise to mobile authenticator apps since many users always have their phones with them. However it also gave rise to <a href="https://infosec.exchange/tags/mfabombing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mfabombing</span></a> and griefing to get those users to approve. With the recent GA of <a href="https://infosec.exchange/tags/microsoftauthenticator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microsoftauthenticator</span></a> <a href="https://infosec.exchange/tags/azuread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>azuread</span></a> orgs can enable number match and context for the push notification to further improve the <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> of the users by avoiding the blind approval of a push notification. </p><p>🔥 See the post on the AzureAD blog here and go enable these settings for your organization <a href="https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcommunity.microsoft.com/t5</span><span class="invisible">/microsoft-entra-azure-ad-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673</span></a> <a href="https://infosec.exchange/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microsoft</span></a> <a href="https://infosec.exchange/tags/office365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>office365</span></a> <a href="https://infosec.exchange/tags/o365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>o365</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload