Commit 4e83a154 authored by Evan Read's avatar Evan Read 🇭🇲

Use automatically generated heading id so TOTP link works. Remove workaround in second link.

parent 4b6fea5c
Pipeline #28322144 passed with stages
in 26 minutes and 47 seconds
......@@ -95,7 +95,7 @@ Enable Watchtower by going to your 1Password app and then to **Preferences > Wat
1. Use the ["Security Audit"](https://i.agilebits.com/dt/Blank_Skitch_Document_18FB0234.png)
functionality of 1Password to reveal repeated passwords, weak passwords, and so
forth - and then fix them.
1. Enable two-factor authentication (2FA) with [1Password TOTP](/handbook/security/#two-factor-authentication-and-time-based-one-time-passwords) for your [Google](https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome), [Slack](https://get.slack.help/hc/en-us/articles/204509068-Set-up-two-factor-authentication), [GitLab.com](https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#enabling-2fa), and dev.gitlab.org accounts. `Users without 2FA enabled that are stale for over 30 days will be blocked/suspended until resolved. This improves the security posture for both the user and GitLab.`
1. Enable two-factor authentication (2FA) with [1Password TOTP] for your [Google](https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome), [Slack](https://get.slack.help/hc/en-us/articles/204509068-Set-up-two-factor-authentication), [GitLab.com](https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#enabling-2fa), and dev.gitlab.org accounts. `Users without 2FA enabled that are stale for over 30 days will be blocked/suspended until resolved. This improves the security posture for both the user and GitLab.`
1. When traveling, consider using 1Password in "Travel Mode", see more on that [below](#travel-mode).
1. You can also consider using a [Yubikey](/2016/06/22/gitlab-adds-support-for-u2f/) with GitLab.
1. Use **Full-Disk Encryption** on your work computer and phone. Mac users may<a name="encrypt-home-folder"></a>
......@@ -155,7 +155,7 @@ to [not periodically reset passwords](https://www.ncsc.gov.uk/articles/problems-
[1Password]: https://1password.com
[generate strong passwords]: https://support.1password.com/guides/mac/generate-a-strong-password.html
[1Password TOTP]: #1password-totp
[1Password TOTP]: #two-factor-authentication-and-time-based-one-time-passwords
[Google Authenticator]: https://support.google.com/accounts/answer/1066447?hl=en
[FileVault]: https://support.apple.com/en-us/HT204837
[company call agenda]: https://docs.google.com/document/d/1JiLWsTOm0yprPVIW9W-hM4iUsRxkBt_1bpm3VXV4Muc/edit
......@@ -363,7 +363,6 @@ To create a personal local vault:
1. If you want to setup sync for your new local vault, go to **Preferences > Sync**
### Two Factor Authentication and Time-based One Time Passwords
{: #1password-totp}
There are several ways to get your Two Factor Authentication (2FA) codes.
You can get them sent via SMS or use an app like Google Authenticator to
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment