Now that multi factor authentication is gaining ground I thought I would write a simple guide on how to secure administrative access with MFA on Linux systems. The solution is simple and based on Google Authenticator. The good thing with Google Authenticator is that it's a typical TOTP/HOTP solution and as such does not require any internet connectivity on either the server or the client. The configuration examples provided are more or less appropriate for openSUSE Leap 15 and Ubuntu 18.04 LTS
As you may have heard, Google+ is going to die. This is a good thing since there were some security / privacy issues last year. Google decided to kill the product instead of trying to fix it, which is understandable and a respectful decision.
There is a lot of discussion lately about multi-factor authentication and how this will upgrade everyone's security. Indeed, it is an improvement and it was about time we start becoming more conscious about the security issues related to authentication. As usually though, these discussions generated a lot of confusing and "why it didn't work" moments when we see cases such as Reddit's hack in August of 2018.
More than a year ago I wrote an article about how you should stop remembering passwords. A few smart people figured out that was I was suggesting, was equivalent to using a password manager. Without the hassle of using one and without the risk of your password manager being compromised. Smart, right?