David Warkentin ev0rtex

How to use 1Password and 2FA with eTrade

IMPORTANT!
As of May 17, 2020, `python-vipaccess` stopped working for provisioning new Symantec VIP Access tokens (which was its raison d'être).
As of May 27, 2020, it's working again.
It might stop working again. and we might not be able to get it to work again (see #39)

Note: Your password cannot be more than 26 characters for you to use 2FA in general. eTrade makes you enter your 2FA code appened to your password to login and limits the length of password input to 32 characters, thus further restricting the maximum length of your actual password.

Comparison of ZSH frameworks and plugin managers

Changelog

update 1: add a FAQ section
update 2: benchmark chart and feature comparison table
update 3:
- improve the table with missing features for antigen
- new zplg times result

TLDR

In case there's already a DHCP config for netplan for the private IP address:

File: /etc/netplan/50-cloud-init.yaml

Contents:

# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:

Exporting your 2FA tokens from Authy to transfer them into another 2FA application

IMPORTANT - Update regarding deprecation of Authy desktop apps

Past August 2024, Authy stopped supported the desktop version of their apps:
See Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August for details.

And indeed, after a while, Authy changed something in their backend which now prevents the old desktop app from logging in. If you are already logged in, then you are in luck, and you can follow the instructions below to export your tokens.

If you are not logged in anymore, but can find a backup of the necessary files, then restore those files, and re-install Authy 2.2.3 following the instructions below, and it should work as expected.

1.) Download a Nerd Font

2.) Unzip and copy to ~/.fonts

3.) Run the command fc-cache -fv to manually rebuild the font cache

Setup

Add this to your .profile, .bashrc, .zshrc...

decode_base64_url() {
  local len=$((${#1} % 4))
  local result="$1"
  if [ $len -eq 2 ]; then result="$1"'=='
  elif [ $len -eq 3 ]; then result="$1"'=' 
  fi
 echo "$result" | tr '_-' '/+' | openssl enc -d -base64

Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)

More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.
3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH i

	ipv6_regex := `^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}\|([0-9a-fA-F]{1,4}:){1,7}:\|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}\|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}\|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}\|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}\|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}\|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})\|:((:[0-9a-fA-F]{1,4}){1,7}\|:)\|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}\|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9]))$`
	ipv4_regex := `^(((25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)(\.\|$)){4})`
	domain_regex := `^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`

	match, _ := regexp.MatchString(ipv4_regex+`\|`+ipv6_regex+`\|`+domain_regex, host)
	if match {
	fmt.Println("Input is valid")
	} else {
	fmt.Println("Given input does not match")
	re

	#!/usr/bin/env bash

	# Usage: sudo ./restore_functionality.sh

	#ps aux \| grep sentinel \| awk -F " +" '{print $2}' \| xargs kill
	while true; do
	launchctl kill SIGKILL system/com.crowdstrike.falcond
	launchctl kill SIGKILL system/com.crowdstrike.userdaemon
	launchctl kill SIGKILL system/com.sentinelone.sentineld
	launchctl kill SIGKILL system/com.sentinelone.sentineld-helper

	OKTA_DOMAIN= # e.g. example.okta.com
	curl -d '{ "username":"$USERNAME","password":"$PASSWORD" }' -c cookie_jar.txt \
	-H "Content-Type: application/json" -b cookie_jar.txt -c cookie_jar.txt \
	https://$OKTA_DOMAIN/api/v1/authn > auth.json

	{
	"stateToken": "00oBpbTzKnRdKLYvc8yNBdFTusuoS4KUhdANgrMsOt",
	"expiresAt": "2019-07-08T22:54:32.000Z",
	"status": "MFA_REQUIRED",
	"_embedded": {