All room, apartments in the home are accessed by staff and residents. Hey all. Took over a Nursing home recently that's not got any VLAN setup.

Usually these are low value targets, so the compromise is worth the convenience and centralization of credentials in those "hit by a bus" scenarios. But every now and then, there's a particular service that it makes more sense for us to use our email address instead of email - whether because of licensing or ease of management. For nearly all of our stuff, we use LastPass for passwords and MS Authenticator for TOTP codes. You mentioned passwords & MFA in the same place making you queasy, and you're not wrong. and for some reason our domain's time was always ~2 minutes behind! I updated the organization GPO to point to instead of our domain controller for time, and once that propagated, LastPass started showing the same codes as our phones. Then I had a teammate look at it with me, and he realized that the codes we'd seen on our phones were showing up on my computer minutes later! It should have been obvious, but since the TOTP codes are time-based, it runs on the assumption that your clock is correct. Yesterday, there was another site I wanted to set up and when it was giving me the same issue, I spent some time on it and figured out the issue! I went down the path to trying to see if there were different standards / methods used by different TOTP apps and found the RFC you mentioned above. Thanks for this response! I know it's been a really long time, but I've just dealt with passing codes to my team from my phone for the site discussed in this post.

One breach and the bad guys have the whole enchilada. I wouldn't be surprised if it's a LastPass bug. Also FWIW, as I'm paranoid, having the password and the MFA rolled up in one app makes me a bit queasy. Yep, TOTP used by Google, MS, Authy and friends is based on RFC 6238. FWIW, I've found LastPass tends to be flaky.