CVE-2021-3011: Key recovery on Google Titan Key

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • pace

    Automatically add a progress bar to your site.

    I don't know why it does that, but I looked at it and it's using something called "Pace Progress Bar", which in turn uses the old jQuery progress bar.

    Source for it: https://github.com/CodeByZach/pace

  • aws-vault

    A vault for securely storing and accessing AWS credentials in development environments

    You may want to look into AWS Single Sign-On. In may not be available in the region you're mostly using but that's not necessarily an issue [0].

    The service itself is free but requires an identity provider. If you already have a compatible one, you can use it at no additional cost. Otherwise, you'll have to pay for the IdP.

    This setup allows you to offload MFA handling to your main IdP with the added bonus of using the same method of authentication, possibly integrated into your OS (for example if using Windows Hello / AzureAD).

    At work, we use Azure AD as the IdP for AWS SSO and it works fairly well, aside from Azure's crappy (inexistent) support of security keys outside of Windows.

    There is one gotcha with an easy workaround: the SDKs don't usually support the login part of the SSO flow, and sometimes don't support it at all (terraform comes to mind). To work around this, I'm aware of two tools you can use:

    * aws-vault [1], which I personally use and works great for setting the required environment variables, no need to actually have it handle any sort of key

    * aws-sso-util [2], which I've seen recommended but never tried

    ---

    [0] It may be an issue if you need to use the managed ActiveDirectory service, which needs to be in the same region

    [1] https://github.com/99designs/aws-vault

    [2] https://github.com/benkehoe/aws-sso-util

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts