WearablesDevCon is a conference about wearable technology from March 5 – 7 over in San Francisco.
I’m going to be giving two talks:
A tutorial called “Transitioning from Android to Google Glass” where I will take people from building apps for Android (and mobile devices in general) to Glass.
I’m also going to go in-depth into live cards in my talk “Deep Dive into Google Glass Live Cards.”
I’m really excited about Google Glass. I think it is going to be the premiere wearable general computing platform. I’m also interested in seeing what other wearable technologies are out there. If you’re interested in Wearables, then check out WearablesDevCon. If you use my last name “DELAROSA” as a coupon code, I think you get an extra discount.
My source code is really valuable to me. So I like to secure it as much as possible. GitHub does a good job of securing things on their end. I use SSH to pull and push my code so that it is securely transmitted over the network to my computer.
However, there is still a potential problem with having a single password to log in to the GitHub website. That log in also allows access to your code. If someone wanted to pull from one of my repositories, they would have to have my SSH private key (and password) which is on my computer. If they somehow figured out my password, they could just log in from anywhere. How can I stop that from happening? Obviously, generating a random, unique password using a password generator like 1Password will help. But that isn’t enough, since someone could stand behind you and watch you type it in on your computer or phone, then later impersonate you.
What I need is Two Factor Authentication. This makes it so that an attacker needs both my password AND a physical device (i.e. the phone I carry around.) That device either receives an SMS with a code or has a synchronized authenticator app that generates a code that I enter in my password. It is easy to enable this on GitHub and I recommend that everyone do so.
To enable Two Factor Auth, follow the instructions at: https://help.github.com/articles/about-two-factor-authentication
Note that for ongoing authentication, I personally use Google Authenticator but others like to use Authy. You can also use SMS to get your codes if you prefer.
I have my backup recovery codes stored away in case of emergency. These are useful if you lose your device – you have to make sure these are also kept secure.