this post was submitted on 11 Mar 2024
199 points (100.0% liked)
technology
23303 readers
333 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Who the fuck is putting cryptographic keys which can dispossess them of so much money on a phone to begin with?
Let them bitch about a malicious app dev stealing it, at least they still have their thumbs.
The same sorts of people who are enthusiastically embracing Google's "Passkey" scam.
how are passkeys a scam
Because it's just a glorified password manager. But instead of your master password being kept securely in your head, your master password is now in the hands of Google or Apple or Microsoft.
KeePassXC just today released support for storing passkeys in your own keepass database file. And they're not just "glorified passwords". They're private keys that use challenge-response authentication so they're never actually sent over the network. Harder to compromise.
Using passkeys with some kind of personal database is ultimately an objective improvement over hodge podge username and password mechanisms, so they're only going to continue being adopted further.
The only case they don't really work for is when you want to log in to a computer that doesn't have access to your passkeys.
KeePass(XC) is open-source.
You don't actually use your brain lmao. How many online accounts do you have?
I’m sure tens of millions of people said that before being breached and having their password “John1974Smith” leaked. Maybe don’t say anything if you don’t understand basic security protocols and technology.
The average person is not a special boy like you. You’re literally in a post showcasing what the average person is like with their information. Security is meant to protect against those people.
KeePassXC is self-hosted on your local machine. There's no third party to compromise because it's just you who has access, offline.
My password database has over 300 credentials. I think most people have more credentials for things (online accounts, also physical locks, device passwords, etc.) than they can remember.
You are being reactionary.