hey what's up with this "passkey" thing i keep hearing about?
-
hey what's up with this "passkey" thing i keep hearing about? is it one of those things computer security dingbats come up with every few years that purports to solve problems with existing workflows but does it by making assumptions that don't hold for 40–60% of users and ultimately end up making things both less convenient and less secure? surely not
-
Passkey is the de facto non-technical term for a WebAuthn credential.[5][6] It is widely used in situations where jargon is unhelpful,
you can't see me but i'm making the jim office face at the camera rn
-
tying authentication to hardware like a yubikey or tpm makes a lot of sense in the corporate environments that gestate these brain geniuses. for consumer use cases it is fucking insane. a thousand years in super hell for all of you.
-
they can be used with password managers? great! you know what else can be used with password managers? PASSWORDS.
-
every single problem this purports to solve for normal consumers has already been solved better by web browsers that implement password generation and autofill
-
This eliminates common vulnerabilities such as: [...] Poor client-side password storage (e.g., written down, stored in phone contacts).
where is my fucking hammer
-
people writing down the password to their work computer and taping it to the monitor is a problem. sure. a hardware passkey is a solution to this. but for most people in most circumstances, writing down passwords to their personal devices in a way that they (a) are recoverable in case nana loses her ipad or whatever and (b) are recoverable by family in case nana fucking dies, is a FEATURE. NOT A BUG.
-
nobody should be allowed to work in computer security until they've spent several years doing technical support for end users who can't access their photos of their grandkids because some ASSHOLE in silicon valley decided that they needed to be locked down like the fucking vault at fort knox