nobody should be allowed to work in computer security until they've spent several years doing technical support for end users who can't access their photos of their grandkids because some ASSHOLE in silicon valley decided that they needed to be locked down like the fucking vault at fort knox
undefined
async sjolsen
@sjolsen@tech.lgbt
Posts
-
hey what's up with this "passkey" thing i keep hearing about? -
hey what's up with this "passkey" thing i keep hearing about?people writing down the password to their work computer and taping it to the monitor is a problem. sure. a hardware passkey is a solution to this. but for most people in most circumstances, writing down passwords to their personal devices in a way that they (a) are recoverable in case nana loses her ipad or whatever and (b) are recoverable by family in case nana fucking dies, is a FEATURE. NOT A BUG.
-
hey what's up with this "passkey" thing i keep hearing about?This eliminates common vulnerabilities such as: [...] Poor client-side password storage (e.g., written down, stored in phone contacts).
where is my fucking hammer
-
hey what's up with this "passkey" thing i keep hearing about?every single problem this purports to solve for normal consumers has already been solved better by web browsers that implement password generation and autofill
-
hey what's up with this "passkey" thing i keep hearing about?they can be used with password managers? great! you know what else can be used with password managers? PASSWORDS.
-
hey what's up with this "passkey" thing i keep hearing about?tying authentication to hardware like a yubikey or tpm makes a lot of sense in the corporate environments that gestate these brain geniuses. for consumer use cases it is fucking insane. a thousand years in super hell for all of you.
-
hey what's up with this "passkey" thing i keep hearing about?Passkey is the de facto non-technical term for a WebAuthn credential.[5][6] It is widely used in situations where jargon is unhelpful,
you can't see me but i'm making the jim office face at the camera rn
-
hey what's up with this "passkey" thing i keep hearing about?hey what's up with this "passkey" thing i keep hearing about? is it one of those things computer security dingbats come up with every few years that purports to solve problems with existing workflows but does it by making assumptions that don't hold for 40–60% of users and ultimately end up making things both less convenient and less secure? surely not
-
thinking about https://en.wikipedia.org/wiki/Gr%C4%81ppleyou ever think about how in english we're taught that there are five vowels with long and short versions but the long and short versions actually aren't long and short, they're just straight up different vowels
-
thinking about https://en.wikipedia.org/wiki/Gr%C4%81pplehow is grāby formed
-
thinking about https://en.wikipedia.org/wiki/Gr%C4%81ppleHow Is A GrāpplePlus® Brand Apple Made?
-
thinking about https://en.wikipedia.org/wiki/Gr%C4%81pplethinking about https://en.wikipedia.org/wiki/Gr%C4%81pple