Should I offer ‘Any n or’ or ‘n Random’ MFA in my webapp, or just ‘All MFA’?

I am building a new webapp and I am currently working on the multi factor authentication part. I would like to offer choice when it comes to MFA, and I’ve been thinking about what choices I can offer. I have a plan, but I’m worried that two of the options I am thinking of offering look more secure, but in fact are less secure than the basic option.

When setting up MFA on the account, I was thinking of a form something like ([...] represents a form field):

In addition to every login, require MFA every [d] days. Require [All | Any n | n Random] factors, where n is [f] 

Requiring All MFA is certainly the most secure, but is Any n or n Random better or worse than All MFA with one less factor?

For example, is 2 factors where you don’t know which one will be asked for worse than 1 factor which you’re always asked. Is it also true for 3 factors, where 2 random factors will be asked for, vs a straight 2 factors always required?

It certainly adds extra hurdles from the point of view that you might have to get extra codes, but then again you could just keep trying (with delay) until you get asked for the right code, so it might not be much of a hurdle.

On the other hand, if I’m guessing/brute forcing, I have more chances to get it right if I don’t have to put in all factors. With the Any 1 of 2 factors example, I have doubled my chances of guessing it as it can match either factor.

Should I just have All MFA, or should I show the other options as well?

Thanks!

Magento2 SOAP error when using storeview ‘all’

We have a pretty strange issue with the Magento2 SOAP API. The SOAP is working, but whenever we use the type ‘CatalogDataProductAttributeInterface’ it will throw an error. But only on our production environment and when using the ‘all’ storeview.

We have four storeviews: 0 admin 1 moon 2 default 3 sun

When we call the SOAP using this URL, the response is 200 OK:

https://www.domain.com/soap/moon?services=catalogAttributeSetRepositoryV1%2CcatalogProductAttributeTypesListV1%2CcatalogProductAttributeRepositoryV1%2CcatalogAttributeSetManagementV1%2CcatalogProductAttributeManagementV1%2CcatalogProductAttributeGroupRepositoryV1%2CcatalogProductAttributeOptionManagementV1 

But when we try to call the SOAP using storeview ‘all’ the response is not OK and a PHP 500 error is given.

https://www.domain.com/soap/all?services=catalogAttributeSetRepositoryV1%2CcatalogProductAttributeTypesListV1%2CcatalogProductAttributeRepositoryV1%2CcatalogAttributeSetManagementV1%2CcatalogProductAttributeManagementV1%2CcatalogProductAttributeGroupRepositoryV1%2CcatalogProductAttributeOptionManagementV1 

And to make things more complicated, when we make an exact copy of database and files, and set it on the staging environment, the SOAP does work with storeview ‘all’.

https://www.domain.com:8443/soap/all?services=catalogAttributeSetRepositoryV1%2CcatalogProductAttributeTypesListV1%2CcatalogProductAttributeRepositoryV1%2CcatalogAttributeSetManagementV1%2CcatalogProductAttributeManagementV1%2CcatalogProductAttributeGroupRepositoryV1%2CcatalogProductAttributeOptionManagementV1 

Questions: 1) Did anyone have this problem before and knows a possible solution?

2) Does anyone have any advise about how to debug the error. The Magento log is empty and also the Nginx error.log does not provide more information than the default php error:

2019/07/30 16:32:00 [error] 11151#11151: *24879 FastCGI sent in stderr: “PHP message: PHP Fatal error: SOAP-ERROR: Parsing WSDL: Couldn’t load from ‘data://text/plain;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPGRlZmluaXRpb25zIHhtbG5zPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93c2RsLyIgeG1sbnM6d3NkbD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3NkbC8iIHhtbG5zOnRucz0iaHR0cHM6Ly93d3cuaGlwcGVzdC1mYXNoaW9uLm5sL3NvYXAvYWxsP3NlcnZpY2VzPWNhdGFsb2dBdHRyaWJ1dGVTZXRSZXBvc2l0b3J5VjElMkNjYXRhbG9nUHJvZHVjdEF0dHJpYnV0ZVR5cGVzTGlzdFYxJTJDY2F0YWxvZ1Byb2R1Y3RBdHRyaWJ1dGVSZXBvc2l0b3J5VjElMkNjYXRhbG9nQXR0cmlidXRlU2V0TWFuYWdlbWVudFYxJTJDY2F0YWxvZ1Byb2R1Y3RBdHRyaWJ1dGVNYW5hZ2VtZW50VjElMkNjYXRhbG9nUHJvZHVjdEF0dHJpYnV0ZUdyb3VwUmVwb3NpdG9yeVYxJTJDY2F0YWxvZ1Byb2R1Y3RBdHRyaWJ1dGVPcHRpb25NYW5hZ2VtZW50VjEiIHhtbG5zOnNvYXA9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzZGwvc29hcC8iIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnNvYXAtZW5jPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VuY29kaW5nLyIgeG1sbnM6c29hcDEyPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93c2RsL3NvYXAxMi8iIG5hbWU9Ik1hZ2VudG” while reading response header from upstream, client: 185.42.84.4, server: domain.com, request: “POST /soap/all?services=catalogAttributeSetRepositoryV1,catalogProductAttributeTypesListV1,catalogProductAttributeRepositoryV1,catalogAttributeSetManagementV1,catalogProductAttributeManagementV1,catalogProductAttributeGroupRepositoryV1,catalogProductAttributeOptionManagementV1 HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9000”, host: “www.domain.com”

Command to show “ipconfig /all” equivalent [duplicate]

This question already has an answer here:

  • What is the equivalent terminal command to ipconfig /all? 5 answers

Command to show “ipconfig /all” equivalent

Is there a program or command to show all networking information (IP & subnet mask, Gateway, DNS servers, Hostname, DHCP lease info, DHCP server)… conveniently with one command, like the built-in Windows ipconfig /all does? I have searched and searched, but online search results just keep showing “10 useful Linux Networking commands”. If you don’t know, you don’t have to let me know by commenting that you don’t know, or going off-top about creating a script to do this-n-that. Just looking to see if there’s a little proggy out there to do this 🙂

OS: Kubuntu 18.04.2 LTS Kernel: 4.18.0-25-generic Shell: bash 4.4.19

How do transfer Google Calendar ‘all day’ events from one month to the other?

I put my tasks on my calendar as ‘all-day’ events (there is Google Tasks for Calendar but I don’t want to use it). However, since August ended with a Saturday, there is not a single day of September displayed on the month view of August, so I can’t drag-and-drop my events from August to September. I don’t want to click and go to the edit view of every single August event/task and change the date to September.

Is there a faster way?

How do I enable *all* keys on the touchscreen keyboard?

Don’t get me wrong, I’m grateful that we have a touchscreen keyboard.

All the good keys are there for normal language…

Touchscreen keyboard in 19.04 alphabet keys

Keys are there to get into vim command mode….

Touchscreen keyboard in 19.04 symbol keys

And I can write my bash scripts in emoji!

Touchscreen keyboard in 19.04 emoji keys

But wait, now I’m stuck!

How do I:

  • ESC (escape command mode in vi??) Can’t get back my work!!
  • CTRL (I can’t CTRL+Z to jump back to the same shell)
  • ARROW KEYS (How am I ever going to play Kings Quest on DosBox???)

🙁

:-p

Prevent ‘reply all’ in Facebook group message

I’m the admin for a Facebook group of approximately 50 members, and I want to send a single message to everyone in the group. I need to use a message because most members of the group do not receive notifications for posts on the group page.

The last time I sent a message to the whole group, a few members started replying in a casual chatty way that spammed all of the other members and led to some of them leaving the group.

Is it possible to send a message to a group that does not allow anyone to “reply all”?

List of 10 Expired Indian Domains – All DA 20+ – All. IN or CO. IN TLD for $10

There is nothing more exciting than having your own very high metric PBN, especially for someone who loves to see his/her website rising in terms of ranking on the major search engines just like the sun rises in the morning. This expired high metric list was made in India for Indian businesses by an All-Indian team.

by: WinnersPBN
Created: —
Category: PBNs
Viewed: 129