MFAJAWS FESTA 2017 LT
Akira SHIBATA
•
•
• •
• MFA Multi-Factor Authentication
• TOTP Code
MFA
MFA
•
• •
IIJ SmartKey
IIJ SmartKey
• • • •
1Password
1Password
• • ID/Password
• •
• …
MFA
• TOTP
https://aws.amazon.com/jp/iam/details/mfa/
TOTP
TOTP?
• RFC 6238 - TOTP: Time-Based One-Time Password Algorithm
• HOTP
•
• PyOTP - The Python One-Time Password Library • https://github.com/pyotp/pyotp
• otp: One Time Password utilities Go / Golang • https://github.com/pquerna/otp
PyOTP
[akira@Akira-Mac ~]$ python Python 2.7.10 (default, Jul 15 2017, 17:16:57) [GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.31)] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import pyotp >>> totp = pyotp.TOTP(“seecret_key") >>> print(totp.now()) 139568 >>> print(totp.now()) 416613
• https://github.com/beli68/pymfa pip install git+https://github.com/beli68/pymfa
README
• ˜