#u2f — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #u2f, aggregated by home.social.
-
CW: CW 2FA Passkeys
-
CW: CW 2FA Passkeys
-
CW: CW 2FA Passkeys
-
CW: CW 2FA Passkeys
-
CW: CW 2FA Passkeys
-
I was tired of typing in my long passphrase constantly on my laptop, so I got myself a Yubikey. Now I have a shirt but secure PIN
-
I was tired of typing in my long passphrase constantly on my laptop, so I got myself a Yubikey. Now I have a shirt but secure PIN
-
I was tired of typing in my long passphrase constantly on my laptop, so I got myself a Yubikey. Now I have a shirt but secure PIN
-
I was tired of typing in my long passphrase constantly on my laptop, so I got myself a Yubikey. Now I have a shirt but secure PIN
-
I was tired of typing in my long passphrase constantly on my laptop, so I got myself a Yubikey. Now I have a shirt but secure PIN
-
А сейчас какие-то ключи для двухфакторки возможно в Россию заказать не за сотни денег?
Хотя бы до 4 тыр, ну или какие сейчас цены на них.Я вообще в этой теме не шарю.
Yubikey 5 стоит в районе 8 тыр, Yubikey SK стоит 4 тыр. ХЗ чем они различаются.
Я пробовал подобное с флиппером делать, но там файлик с флешки спереть как нефиг. делать
-
А сейчас какие-то ключи для двухфакторки возможно в Россию заказать не за сотни денег?
Хотя бы до 4 тыр, ну или какие сейчас цены на них.Я вообще в этой теме не шарю.
Yubikey 5 стоит в районе 8 тыр, Yubikey SK стоит 4 тыр. ХЗ чем они различаются.
Я пробовал подобное с флиппером делать, но там файлик с флешки спереть как нефиг. делать
-
А сейчас какие-то ключи для двухфакторки возможно в Россию заказать не за сотни денег?
Хотя бы до 4 тыр, ну или какие сейчас цены на них.Я вообще в этой теме не шарю.
Yubikey 5 стоит в районе 8 тыр, Yubikey SK стоит 4 тыр. ХЗ чем они различаются.
Я пробовал подобное с флиппером делать, но там файлик с флешки спереть как нефиг. делать
-
А сейчас какие-то ключи для двухфакторки возможно в Россию заказать не за сотни денег?
Хотя бы до 4 тыр, ну или какие сейчас цены на них.Я вообще в этой теме не шарю.
Yubikey 5 стоит в районе 8 тыр, Yubikey SK стоит 4 тыр. ХЗ чем они различаются.
Я пробовал подобное с флиппером делать, но там файлик с флешки спереть как нефиг. делать
-
What is #U2F used for and what are the benefits?
-
What is #U2F used for and what are the benefits?
-
What is #U2F used for and what are the benefits?
-
What is #U2F used for and what are the benefits?
-
What is #U2F used for and what are the benefits?
-
I login maybe once a year on my domain registrar's website (Gandi). Something has changed in both Firefox/Chromium since last time, because neither of them accepted any of my Yubikeys anymore: it prompted for a PIN, and I don't remember setting one! (I set one on the OpenPGP application, but that PIN is not accepted for FIDO2).
Temporarily disabling FIDO2 allowed the login to succeed as documented here: https://support.yubico.com/s/article/Understanding-YubiKey-PINs https://support.yubico.com/s/article/Enabling-or-disabling-applications
Note that this does *not* reset FIDO2 (Which IIUC would delete the FIDO U2F key too).
In that case IIUC it uses FIDO U2F instead of FIDO2 with a PIN. Although this seems like a bug, why doesn't the browser offer me the option of using U2F when I reject providing a FIDO2 PIN? Clearly all this worked fine several years ago when I initially registered the Yubikeys.
#FIDO2 #Yubikey #U2F -
Some time ago I mentioned Yubikey migration. Unfortunately in work I have to deal with #Microsoft and #Google services. Besides confusing #authentication settings UI I noticed interesting thing - both services in own way mixed #U2F and #passkeys in settings. It basically wasn't possible to know what I was going to set. Even terms used on popups were different in different process stages.
Later I could check it was saved on Yubikey as passkeys and it was probably the only way to be sure.
Now I wonder, why these settings were so mixed. Did they do it purposely? Just their "normal" UI/UX chaos?
Anyone who uses more mainstream, passkey-supporting services saw something similar? I didn't saw any other passkeys "in the wild" to compare. -
Some time ago I mentioned Yubikey migration. Unfortunately in work I have to deal with #Microsoft and #Google services. Besides confusing #authentication settings UI I noticed interesting thing - both services in own way mixed #U2F and #passkeys in settings. It basically wasn't possible to know what I was going to set. Even terms used on popups were different in different process stages.
Later I could check it was saved on Yubikey as passkeys and it was probably the only way to be sure.
Now I wonder, why these settings were so mixed. Did they do it purposely? Just their "normal" UI/UX chaos?
Anyone who uses more mainstream, passkey-supporting services saw something similar? I didn't saw any other passkeys "in the wild" to compare. -
Some time ago I mentioned Yubikey migration. Unfortunately in work I have to deal with #Microsoft and #Google services. Besides confusing #authentication settings UI I noticed interesting thing - both services in own way mixed #U2F and #passkeys in settings. It basically wasn't possible to know what I was going to set. Even terms used on popups were different in different process stages.
Later I could check it was saved on Yubikey as passkeys and it was probably the only way to be sure.
Now I wonder, why these settings were so mixed. Did they do it purposely? Just their "normal" UI/UX chaos?
Anyone who uses more mainstream, passkey-supporting services saw something similar? I didn't saw any other passkeys "in the wild" to compare. -
Some time ago I mentioned Yubikey migration. Unfortunately in work I have to deal with #Microsoft and #Google services. Besides confusing #authentication settings UI I noticed interesting thing - both services in own way mixed #U2F and #passkeys in settings. It basically wasn't possible to know what I was going to set. Even terms used on popups were different in different process stages.
Later I could check it was saved on Yubikey as passkeys and it was probably the only way to be sure.
Now I wonder, why these settings were so mixed. Did they do it purposely? Just their "normal" UI/UX chaos?
Anyone who uses more mainstream, passkey-supporting services saw something similar? I didn't saw any other passkeys "in the wild" to compare. -
Some time ago I mentioned Yubikey migration. Unfortunately in work I have to deal with #Microsoft and #Google services. Besides confusing #authentication settings UI I noticed interesting thing - both services in own way mixed #U2F and #passkeys in settings. It basically wasn't possible to know what I was going to set. Even terms used on popups were different in different process stages.
Later I could check it was saved on Yubikey as passkeys and it was probably the only way to be sure.
Now I wonder, why these settings were so mixed. Did they do it purposely? Just their "normal" UI/UX chaos?
Anyone who uses more mainstream, passkey-supporting services saw something similar? I didn't saw any other passkeys "in the wild" to compare. -
-
-
-
-
-
-
-
-
-
-
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
-
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
-
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
-
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
-
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
-
had a nice (but crowded) time at the anarchist book fair workshops today, specifically the one about not owning a phone! lots of great convos, philosophies, and modes of existence without cell phone!
lots of interest about, and shoutouts for @cwtch, @delta, and @briar -- e2ee (group) messengers that dont require a phone number (as a replacement for @signalapp)
lots of interest in #U2F, #FIDO2 hardware #2FA devices (as a replacement for SMS or push). i also recommend @keepassxc for keeping TOTP tokens!
really appreciated hearing all the side conversations about @tails, @Mastodon, and other decentralized tech
they are already planning the next one in 2026! anarchistbookfairamsterdam.org @AFA
#anarchistbookfairamsterdam #amsterdam #anarchism #bookfair #anarchistbookfair #activism #netherlands #antifascism
-
had a nice (but crowded) time at the anarchist book fair workshops today, specifically the one about not owning a phone! lots of great convos, philosophies, and modes of existence without cell phone!
lots of interest about, and shoutouts for @cwtch, @delta, and @briar -- e2ee (group) messengers that dont require a phone number (as a replacement for @signalapp)
lots of interest in #U2F, #FIDO2 hardware #2FA devices (as a replacement for SMS or push). i also recommend @keepassxc for keeping TOTP tokens!
really appreciated hearing all the side conversations about @tails, @Mastodon, and other decentralized tech
they are already planning the next one in 2026! anarchistbookfairamsterdam.org @AFA
#anarchistbookfairamsterdam #amsterdam #anarchism #bookfair #anarchistbookfair #activism #netherlands #antifascism
-
had a nice (but crowded) time at the anarchist book fair workshops today, specifically the one about not owning a phone! lots of great convos, philosophies, and modes of existence without cell phone!
lots of interest about, and shoutouts for @cwtch, @delta, and @briar -- e2ee (group) messengers that dont require a phone number (as a replacement for @signalapp)
lots of interest in #U2F, #FIDO2 hardware #2FA devices (as a replacement for SMS or push). i also recommend @keepassxc for keeping TOTP tokens!
really appreciated hearing all the side conversations about @tails, @Mastodon, and other decentralized tech
they are already planning the next one in 2026! anarchistbookfairamsterdam.org @AFA
#anarchistbookfairamsterdam #amsterdam #anarchism #bookfair #anarchistbookfair #activism #netherlands #antifascism
-
had a nice (but crowded) time at the anarchist book fair workshops today, specifically the one about not owning a phone! lots of great convos, philosophies, and modes of existence without cell phone!
lots of interest about, and shoutouts for @cwtch, @delta, and @briar -- e2ee (group) messengers that dont require a phone number (as a replacement for @signalapp)
lots of interest in #U2F, #FIDO2 hardware #2FA devices (as a replacement for SMS or push). i also recommend @keepassxc for keeping TOTP tokens!
really appreciated hearing all the side conversations about @tails, @Mastodon, and other decentralized tech
they are already planning the next one in 2026! anarchistbookfairamsterdam.org @AFA
#anarchistbookfairamsterdam #amsterdam #anarchism #bookfair #anarchistbookfair #activism #netherlands #antifascism
-
had a nice (but crowded) time at the anarchist book fair workshops today, specifically the one about not owning a phone! lots of great convos, philosophies, and modes of existence without cell phone!
lots of interest about, and shoutouts for @cwtch, @delta, and @briar -- e2ee (group) messengers that dont require a phone number (as a replacement for @signalapp)
lots of interest in #U2F, #FIDO2 hardware #2FA devices (as a replacement for SMS or push). i also recommend @keepassxc for keeping TOTP tokens!
really appreciated hearing all the side conversations about @tails, @Mastodon, and other decentralized tech
they are already planning the next one in 2026! anarchistbookfairamsterdam.org @AFA
#anarchistbookfairamsterdam #amsterdam #anarchism #bookfair #anarchistbookfair #activism #netherlands #antifascism
-
Ważna informacja dla użytkowników kluczy U2F na X (Twitterze) [poradnik]
X (Twitter) ogłosił, że 10 listopada całkowicie przestanie używać starej domeny twitter[.]com. O ile znaczna większość funkcjonalności platformy została bezproblemowo przeniesiona na x[.]com, o tyle jedna – dość istotna – nie daje takiej możliwości. TLDR: Mowa o sprzętowych kluczach U2F (choć precyzyjnie mówiąc, chodzi o urządzenia w standardzie FIDO2), które...
#WBiegu #2Fa #Awareness #Klucze #Twitter #U2f #X
https://sekurak.pl/wazna-informacja-dla-uzytkownikow-kluczy-u2f-na-x-twitterze-poradnik/
-
Ważna informacja dla użytkowników kluczy U2F na X (Twitterze) [poradnik]
X (Twitter) ogłosił, że 10 listopada całkowicie przestanie używać starej domeny twitter[.]com. O ile znaczna większość funkcjonalności platformy została bezproblemowo przeniesiona na x[.]com, o tyle jedna – dość istotna – nie daje takiej możliwości. TLDR: Mowa o sprzętowych kluczach U2F (choć precyzyjnie mówiąc, chodzi o urządzenia w standardzie FIDO2), które...
#WBiegu #2Fa #Awareness #Klucze #Twitter #U2f #X
https://sekurak.pl/wazna-informacja-dla-uzytkownikow-kluczy-u2f-na-x-twitterze-poradnik/