[GTER] ARIN passará a exigir 2FA no acesso ao portal

Wed Nov 2 14:06:10 -03 2022

On 01/11/2022 13:00, Douglas Fischer via gter wrote:
> Bem que o Registro.BR poderia seguir na mesma linha, não é mesmo?

mas o registro.BR já usa autenticação por dois fatores. Para entrar na minha 
conta uso TOTP (com o Google Authenticator) há um bom tempo.

Só não sei se isso é obrigatório ou opcional.

-- Danton

> 
> ---------- Forwarded message ---------
> De: John Curran <jcurran at arin.net>
> Date: ter., 1 de nov. de 2022 às 12:12
> Subject: NOTICE - Change in access to ARIN Online (was: Fwd:
> [arin-announce] ARIN to Enforce 2FA on all ARIN Online Accounts Starting 1
> February 2023)
> To: North American Network Operators' Group <nanog at nanog.org>
> 
> 
> NANOGers -
> 
> Important information - please note this change will affect how access to
> your ARIN Online account and related administration of your number
> resources.
> 
> FYI,
> /John
> 
> John Curran
> President and CEO
> American Registry for Internet Numbers
> 
> 
> Begin forwarded message:
> 
> *From: *ARIN <info at arin.net>
> *Subject: **[arin-announce] ARIN to Enforce 2FA on all ARIN Online Accounts
> Starting 1 February 2023*
> *Date: *1 November 2022 at 10:10:10 AM EDT
> *To: *"arin-announce at arin.net" <arin-announce at arin.net>
> 
> Beginning 1 February 2023, ARIN will require Two-Factor Authentication
> (2FA) on all ARIN Online accounts. Customers will be able to choose between
> Time-Based One-Time password (TOTP), SMS-based, and Fast Identity Online 2
> (FIDO2).
> 
> We had initially planned to enforce 2FA following the deployment of
> SMS-based 2FA, but we opted to delay the implementation of enforcing 2FA
> for all ARIN Online accounts until we were able to complete implementation
> of FIDO2 due to significant community feedback received during our
> community consultation (
> https://www.arin.net/announcements/20220524-consultopen/) on this change.
> 
> FIDO2 support is pending release on 19 December 2022. You can learn more
> about your 2FA options by visiting our website:
> https://www.arin.net/reference/materials/security/twofactor/
> 
> By requiring 2FA for ARIN Online accounts that control number resources,
> the ARIN community should see stronger security for the registry, reduced
> risk of account fraud attempts, and increased confidence in the integrity
> of their ARIN resources.
> 
> We strongly encourage account holders to set up 2FA in advance of the flag
> day for enforcement so that this change is not interruptive to your account
> access after 1 February 2023.
> 
> Regards,
> 
> John Curran
> President and CEO
> American Registry for Internet Numbers (ARIN)
> 
> HELPFUL RESOURCES:
> 
> Need help setting up your two-factor authentication? Visit
> https://www.arin.net/2fa to get started. You’ll find guides on enabling 2FA
> via an authenticator application such as Google Authenticator, SMS or
> Voice, and (coming soon) FIDO2.
> 
> We also provide information on how to receive and save your 2FA recovery
> codes, as well as what to do if you’ve lost access to your authenticator or
> SMS/Voice phone number.
> 
> 
> 
> 