Upload
maude-carpenter
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Two-Factor Authentication
In this talk
• Why a change is being proposed
• What is the proposed change
• A request for feedback
2
Why is a change being made?
• X.509 Certificates have been used since 2002 for MyAPNIC
• Highly secure, but difficult to work with
• A common theme in feedback is to make a change
3
What is the proposed change?
• X.509 Certificates are a form of two-factor authentication
• The APNIC Secretariat will implement an alternative form:– Open standards based “TOTP”– Open implementations of authentication devices exist
• X.509 and TOTP will work side-by-side as alternatives
4
How will it work?
• Choose your authentication mechanism– Switching to TOTP is an option
• Choose your authentication device– Wide support for smart phones
• Activate TOTP on your APNIC user account
5
Logging in with TOTP
• User ID and password continue as normal
• You will be prompted for a six-digit code
• Your smart phone will provide you with the code
6
A request for feedback
• Is this work the APNIC membership would like to see done?
• Would the membership like X.509 support retained beyond a transition period as a choice?
• Does the membership agree with the proposal to use TOTP?
• Blog post up on this subject– https://blog.apnic.net/– Please leave your feedback!
7
8