TOTP | TOTP algorithm , an algorithm

I am using openconnect --protocol=gp vpn.mysite.com and it says its connecting, but it is waiting for the SAML authentication. The command and authentication works on my debian machine it prompts for a username and password, but trying on my other linux machine it does not seem to want to prompt for authentication. This is the output:

I have implemented the custom-mfa-totp sample. I have defined a custom policy which allows to reset the QR code. Everything works fine.

Now I need to let's say connect the two policies. Let' assume the following scenario:

• User signs up to my B2C
• User signs in, it has to install the authentication app in order to get the verify code
• User is signed in
• Month later the User has to reinstall the app (for an unknown reason). If he goes to the login, a verify code is requested:

My idea is to add a sort of link in order to open the other policy to reset the QR code. In the documentation I have seen the possibility to add Actions, but I have not been able to figure out how. Any hint?

I already added it:

But in order to redirect in a right way, i need the parameters from the previous page, such as ´client_Id´ and redirect_url.

I have a Dockerfile, docker-compose.yml, requirements.txt defined below for a django project. The Dockerfile uses python:3.8.3-alpine and the docker-compose.yml have a db service that uses postgres:12.0-alpine image. I made sure that the dependencies are defined in the Dockerfile as required. However, it seems to me that django-allauth require extra dependencies. I have tried for days to fix this issue but get an error that says
This package requires Rust >=1.41.0. ERROR: Failed building wheel for cryptography. I haved pasted the whole error for reference sake. Any help will be much appreciated. Thanks in advance.

I need your advice. What is the best way, from an opsec-perspective, when sharing an LE wildcard certificates between several web-services on the same host?

• On my domain I have an auto-renewed LE wildcard cert (containerized)
  • The folder holding the certificates is mapped to a host folder, owned by LE-user:LE-group and has 700 privileges assigned
• All sub-domains are pointing to web-services on the same host (all containerized)
• All publicly accessible services are handled by an Nginx reverse proxy (containerized) and thus they are all LE SSL encrypted downstream
• The admin services (portainer, adminer, cockpit, etc.) are only accessible from the LAN and are all protected by strong and unique passwords

I want to protect the above-mentioned admin-services with the LE wildcard cert as I am tired of having to confirm that I "accept the risk" because they are using self-signed certs, but I'm in doubt what is the best way to achieve this. So far I see three possible ways around it, all having their own drawbacks:

1. Create a script executed by a cron-job that copy the LE certificate to the various admin-services cert-folders whenever the cert is renewed.
   • Drawback: The script would need to be run with root privileges
2. Allow the admin-services to access the cert in the host-mapped folder.
   • Drawback: I would need 704 access to the LE Cert folder or 740 and add all admin-sevice-users to the LE group
3. Serve the admin-services through the reverse proxy, enable TOTP protection and restrict access to the public IP of the server.
   • Drawback: If I mess something up or there is a zero-day exploid in my Nginx or TOTP installation, the admin-services are publicly accessible

Which of the above mentioned solutions do you see as the "best-practice" solution from a opsec perspective or would you suggest a completely different solution that I haven't thought about?

Many thanks in advance!

Hi!

I've read literally all the articles about using map, filter, and includes in JS, but I still can't figure out how to get the "block"I need from the checks I received and passed.

Task: Inside object A, there are arrays that have the "block" field. This field should be compared with array B and the resulting values saved or simply returned.

First I got the unique values and combined them, and then I started searching in the resulting list, comparing them.

I have a repository which is private. Before, I was able to clone it from my terminal by giving the username and password. Few days back I got a mail from GitHub to enable 2FA in my account. I did but now I see my account password doesn't seem to work when I give my password in my terminal. I use Google Authenticator as my TOTP app and I also tried giving that password but still it says authentication failure. Please help me out

Hello all and thank you in advance for your help,

I have a list of same links in a txt file and need to replace one string 'username' in multiple lines in it : example of one line in a file (string to replace in bold)

https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/**username**@svgauth%3Fsecret%3D

List of users from file : example C:\Temp\names.txt . File structure like : john bob merry and so on...

output to the txt file should be like :

https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/**bob**@svgauth%3Fsecret%3D https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/**john**@svgauth%3Fsecret%3D https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/**merry**@svgauth%3Fsecret%3D

all the replacements should be taken from a txt file

This code isn't working, it is just an example :

I am setting up TOTP-based MFA in Cognito according to the official documentation. The user pool is configured, the next step is to associate the token. Using boto3:

I'm building a 2FA application, which scans a QR code. Then it parses the uri inside QR code and returns a totp code. However, I have a problem closing the CupertinoActionSheet using Navigator.of(context).pop().

I want it to work like that:

1. When a user taps on "add" button, the Action Sheet shows up.
2. When user clicks on "Scan QR code", the Action Sheet must close and then proceed with scanning.

Here's what it looks like:

Here's the error that shows ups when I have the code below: "Looking up a deactivated widget's ancestor is unsafe. At this point the state of the widget's element tree is no longer stable. To safely refer to a widget's ancestor in its dispose() method, save a reference to the ancestor by calling dependOnInheritedWidgetOfExactType() in the widget's didChangeDependencies() method."