search

2factorauth / twofactorauth

List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.
https://2fa.directory
Other
3.37k stars 1.77k forks source link

The twofactorauth[.]org site has been taken over #5238

Closed natevw closed 3 years ago

natevw commented 3 years ago

Sometime in the last week or two the twofactorauth[dot]org and 2factorauth[dot]org domains that publicly hosted this content were taken over. They now direct to a Br*inSt*tion domain which is some sort of gig economy correspondence course thing.

Did the original domains expire and somebody snatched them up? At least it's currently redirecting to seemingly good-faith 2FA handbook with Cybersecurity Career training advertisements sprinkled throughout, rather than the usual SEO squatter "seek 100% best timeshare in Tahiti"–type keyword salad 😆

Carlgo11 commented 3 years ago

Thanks for the report @natevw. The person who owned the domain recently left the project due to a dispute. It looks like said person sold off the domain twofactorauth.org to make a quick buck after they left.

2factorauth.org is owned by someone not linked with this project and that domain just points to twofactorauth.org.

At the moment we don't have a domain name for the project and until we do I'm afraid the project is on hold 😞

betsythefc commented 3 years ago

@Carlgo11, is the issue funds for a domain name, or a place to host it, or what for getting a new one?

Carlgo11 commented 3 years ago

Mainly just that all the good names are already taken.

beerisgood commented 3 years ago

maybe work together with https://github.com/nitrokey/dongleauth / @Nitrokey ?

betsythefc commented 3 years ago

I see several domain names available that make sense, straying away from the gTLDs, like:

There are also some alternative names we could go with, open2fadb.(whatever).

natevw commented 3 years ago

Sorry to hear that, bummer!

It looks like the site was already deployed as static assets and static pages — perhaps it could be brought back up via Github Pages without a custom domain in the short term?

The sort of advantage is that at least then the repository and the site are under consistent technical controls. Having "all the eggs" in the Github basket is a tradeoff too, but might be appropriate for a side project since it's basically free + hands-off hosting for as long as they keep offering it….

phallobst commented 3 years ago

For now, the new home is https://2fa.directory

beerisgood commented 3 years ago

For now, the new home is https://2fa.directory

using this GitHub repository as website like @natevw wrote about, would be much better. The new domain looks too different.

sanjay commented 3 years ago

The tweet button (and likely the others, I didn't check) still points to twofactorauth.org. No reason to keep giving those folks more traffic. So sorry this happened but this highlights why an individual should possibly not own a domain for a public project like this. Would be great if some org would step up and own the domains for projects to maintain continuity.

mathstuf commented 3 years ago

So sorry this happened but this highlights why an individual should possibly not own a domain for a public project like this. Would be great if some org would step up and own the domains for projects to maintain continuity.

The SPI might be of interest then? The SFC might as well, but it's probably a bit more than is needed here.

conorgil commented 3 years ago

Someone on Twitter pointed out to me that the domain twofactorauth.org no longer points to this project.

Wow, that really sucks. 😢

I own the domain 2factorauth.org and was previously redirecting it to twofactorauth.org to support the project. I just stopped redirecting to the old domain because I have no interest in helping out BrainStation.

Instead, I updated 2factorauth.org to redirect to the new domain for this project: 2fa.directory.

Clearly, this does not solve the problem of the old core domain, but I think it does help a little bit! Best I can do.

40504 commented 3 years ago

Someone on Twitter pointed out to me that the domain twofactorauth.org no longer points to this project.

Wow, that really sucks. 😢

I own the domain 2factorauth.org and was previously redirecting it to twofactorauth.org to support the project. I just stopped redirecting to the old domain because I have no interest in helping out BrainStation.

Instead, I updated 2factorauth.org to redirect to the new domain for this project: 2fa.directory.

Clearly, this does not solve the problem of the old core domain, but I think it does help a little bit! Best I can do.

It was me :)

karasuhebi commented 2 years ago

I see several domain names available that make sense, straying away from the gTLDs, like:

  • twofactorauth.directory
  • twofactorauth.info

There are also some alternative names we could go with, open2fadb.(whatever).

Sorry for necroing an old Issue but I wanted to ask: What's wrong with gTLDs? And also, isn't .directory a gTLD?

kmpoppe commented 2 years ago

As 2fa.directory was available we've selected that one, there's nothing wrong with gTLDs inherently.