A senior operations engineer shares seven battle‑tested techniques—including port masking, key‑based authentication, Fail2ban, IP whitelisting, connection limits, two‑factor authentication, and a honeypot—to dramatically reduce SSH brute‑force attacks and protect critical servers.
Warpgate is an open‑source, Rust‑crafted bastion host that delivers secure, transparent, and high‑performance remote access for SSH, HTTPS, MySQL, and PostgreSQL without requiring any client software, offering native 2FA, SSO, session auditing, and a single 30 MB binary deployment.
The article examines recent supply‑chain attacks on the front‑end ecosystem, explains pnpm’s cooling‑off feature, and details GitHub’s multi‑layered plan—including mandatory 2FA, package signing, backend refactoring, and automatic detection—to transform the time gap of attacks into a difficulty gap, while acknowledging the added overhead for maintainers.
This article explains the concepts, importance, various forms, and practical implementation details of MFA and 2FA—including the Google Authenticator TOTP mechanism—while also discussing their limitations, costs, and future directions in modern identity security.
After a night-time SMS spam attack that cost 400 RMB, the team analyzed the breach, evaluated various captcha methods—including text, slider, reCAPTCHA v2/v3, and 2FA—implemented temporary throttling, and ultimately adopted a combined reCAPTCHA and two‑factor authentication approach to strengthen account security.
This guide explains why GitHub’s 2FA setup may lack a China option, shows a JavaScript workaround that no longer works, and details the reliable method of completing verification using authenticator apps and a QR code.
This article explains the fundamentals of authentication, covering session‑cookie and token methods, their workflows, security considerations, and advanced techniques such as single sign‑on, OAuth2, LDAP, and two‑factor authentication, with practical examples and code snippets.
This tutorial explains how to download, configure, and use the PHP GoogleAuthenticator class for two‑factor authentication in a ThinkPHP 6 environment, including code examples for generating secrets, QR‑code URLs, storing them, and verifying user tokens.
This article reviews the historical development, current practices, and future direction of web authentication, covering traditional password login, third‑party protocols like OpenID and OAuth2.0, two‑factor authentication methods, and the emerging password‑less WebAuthn standard.
