38,760
edits
Securing your account/en: Difference between revisions
Jump to navigation
Jump to search
Updating to match new version of source page
(Updating to match new version of source page) |
(Updating to match new version of source page) |
||
| Line 14: | Line 14: | ||
== SSH keys best practices == | == SSH keys best practices == | ||
SSH keys can be a good way to authenticate to your account without typing your password every time. However, to be secure, it is | SSH keys can be a good way to authenticate to your account without typing your password every time. However, to be secure, it is <b>imperative that SSH keys use a strong passphrase</b> that is treated like a password. | ||
Treat the private key as a security token, even when encrypted with a passphrase. Avoid putting a private key on any shared machine. Placing an unencrypted private key on the clusters is a huge security hole. | Treat the private key as a security token, even when encrypted with a passphrase. Avoid putting a private key on any shared machine. Placing an unencrypted private key on the clusters is a huge security hole. | ||
| Line 21: | Line 21: | ||
== Multifactor authentication == | == Multifactor authentication == | ||
Multifactor authentication (MFA) allows you to protect your account with more than a password or SSH key. Once your account is configured to use | Multifactor authentication (MFA) allows you to protect your account with more than a password or an SSH key. Once your account is configured to use MFA, you will need to enter your username and password or SSH key as usual, and then perform a second action (the second factor) to access most of our services. It is highly recommended to activate MFA on your account. Please see the [[Multifactor authentication]] page for more details. | ||
= General best practices = | = General best practices = | ||