#weakmfasucks — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #weakmfasucks, aggregated by home.social.
-
@Tutanota : rubbish.
Two WEAK locks may be LESS pointless than one WEAK lock, but they're still pointless. Go read https://www.csoonline.com/article/4147134.
U2F has been superseded by FIDO2 (hardware keys in WebAuthn mode) and Passkeys (example in Dutch: https://todon.nl/@ErikvanStraten/116285192238090438).
Both WebAuthn methods have advantages and disadvantages.
If you don't like them, use a trustworthy passwordmanager and:
• Let it create a unique, random, as long as possible, pw per account
• Make backups of the pw mngr database
• Device compromise means "game over"
• Use Autofill (easy in Android and iOS/iPadOS)
• If Autofill does not automatically retrieve your credentials, it probably is a fake (phishing) website. Do read https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Please stop misinforming people.
#WeakMFAsucks #Weak2FAsucks #FIDO2 #WebAuthn #Passkeys #AutoFill #KeePassium #KeePassDX
-
@Tutanota : rubbish.
Two WEAK locks may be LESS pointless than one WEAK lock, but they're still pointless. Go read https://www.csoonline.com/article/4147134.
U2F has been superseded by FIDO2 (hardware keys in WebAuthn mode) and Passkeys (example in Dutch: https://todon.nl/@ErikvanStraten/116285192238090438).
Both WebAuthn methods have advantages and disadvantages.
If you don't like them, use a trustworthy passwordmanager and:
• Let it create a unique, random, as long as possible, pw per account
• Make backups of the pw mngr database
• Device compromise means "game over"
• Use Autofill (easy in Android and iOS/iPadOS)
• If Autofill does not automatically retrieve your credentials, it probably is a fake (phishing) website. Do read https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Please stop misinforming people.
#WeakMFAsucks #Weak2FAsucks #FIDO2 #WebAuthn #Passkeys #AutoFill #KeePassium #KeePassDX
-
@Tutanota : rubbish.
Two WEAK locks may be LESS pointless than one WEAK lock, but they're still pointless. Go read https://www.csoonline.com/article/4147134.
U2F has been superseded by FIDO2 (hardware keys in WebAuthn mode) and Passkeys (example in Dutch: https://todon.nl/@ErikvanStraten/116285192238090438).
Both WebAuthn methods have advantages and disadvantages.
If you don't like them, use a trustworthy passwordmanager and:
• Let it create a unique, random, as long as possible, pw per account
• Make backups of the pw mngr database
• Device compromise means "game over"
• Use Autofill (easy in Android and iOS/iPadOS)
• If Autofill does not automatically retrieve your credentials, it probably is a fake (phishing) website. Do read https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Please stop misinforming people.
#WeakMFAsucks #Weak2FAsucks #FIDO2 #WebAuthn #Passkeys #AutoFill #KeePassium #KeePassDX
-
@Tutanota : rubbish.
Two WEAK locks may be LESS pointless than one WEAK lock, but they're still pointless. Go read https://www.csoonline.com/article/4147134.
U2F has been superseded by FIDO2 (hardware keys in WebAuthn mode) and Passkeys (example in Dutch: https://todon.nl/@ErikvanStraten/116285192238090438).
Both WebAuthn methods have advantages and disadvantages.
If you don't like them, use a trustworthy passwordmanager and:
• Let it create a unique, random, as long as possible, pw per account
• Make backups of the pw mngr database
• Device compromise means "game over"
• Use Autofill (easy in Android and iOS/iPadOS)
• If Autofill does not automatically retrieve your credentials, it probably is a fake (phishing) website. Do read https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Please stop misinforming people.
#WeakMFAsucks #Weak2FAsucks #FIDO2 #WebAuthn #Passkeys #AutoFill #KeePassium #KeePassDX