confusedbytheBasics @ confusedbytheBasics @lemmy.world

Posts

1

Comments

249

Joined

2 yr. ago

Use a pair of hardware tokens and a long pin if you want maximum security. If you want to use a sync-able software token do that and set a strong pin.

You like long passwords? Go ahead and put one on your passkeys. You don't have to use a short pin.

It is two factor. Something you have, key in TPM or hardware token, and something you know: the PIN. Or if you choose to enable biometric it shifts to two things you have the: key and your face/fingerprint.

Remember you only have limited attempts to guess the PIN and biometric auth is subject to configurable timeout conditions before the PIN is required.

Any security conscious person will use a strong PIN. Many will choose to use biometrics as well for convenience. Most people are still setting their password to Sm3llyK@t42 on every website. A protected key and a 4-digit pin/finger print is a huge leap in security.

What do you mean? Do you not believe the anti-phishing features will work as described for a reason?

Then you have a nice juicy lawsuit. No legal protection is going to prevent a rogue cop from getting your data. https://xkcd.com/538/

Insane take. What other open standards do you believe Google is capable of killing? It's just one company they aren't god.

It doesn’t feel better? Good thing security doesn't care about feelings. The fact is it is more secure no matter what it feels like. Privacy is maintained since you use a new key with each site. There is no IMEI or anything like that in the passkey spec. Social engineering ranges from more difficult to impossible depending on if you use a synced, local software based, or hardware based passkey system.

You have a lot of incorrect assumptions. Read https://support.apple.com/en-us/102195 and https://fidoalliance.org/passkeys/#faq.

Until Google "kills" passkeys as a default for personal accounts? They probably won't. Google can't kill passkeys in general btw, it's an open standard not a Google thing.

They won't be able to compel you before the biometric access timer expires.

Long passwords can still be phished. Passkeys cannot. It's a huge upgrade.

I wonder what country this is. The penalty for publishing piss videos without the right paperwork is probably much more severe than the penalty for pissing in an empty alley.

"Rest of world" Lol. India, Brazil, parts of Italy... the rule is do whatever you want, try not to crash, bigger vehicle has the right of way.

What 11 year old phone is still getting manufacturer updates?

You purposely choose to continue to be wrong because someone else has a shit personality? Has that served you well?

What's the context?

I think you are unknowingly agreeing. Having hiked with typical people most would not notice that bear until it moved, made a sound, or was pointed out by someone paying above average attention.

Or... hot take here: take in the correct information and move forward with your life.

He sells propane and propane accessories for Stricklan propane in Arlan Texas. Everybody knows that!

Is it just me or is this shilling for drug companies? I read the whole thing and it says on average it reduces symptoms by 1 day. That hardly seems worth over prescribing an antiviral.

That not a logo, that's a thumbnail of a large graphic asset. It does not follow any logo design principals and professional designers wouldn't consider it a logo at all. It's cool graphic though.

I want to see a thought provoking comment but I don't have one to offer myself. What to do?

Do you also prefer to drink water out of the toilet? I know taste is subjective but...