Conversation

Notices

1. Basades Kaiser (basadeskaiser@cawfee.club)'s status on Tuesday, 12-Sep-2023 23:51:51 JST Basades Kaiser
   I hate multifactor authentication, I hate sms, I hate emails, I hate above all else, authenticator applications you have to install in your phone and that never send the notification or just silently send it over.
   I hate them I hate them I hate them.
   Just let me use an user and pasaword like every normal person.
   Yes I am me!
   These are not nuclear codes we're dealing with. Wich I would require a passphrase book printed on paper behind a safe with two keys that need to be opeeated by two people.
   I just want to log in into a vpn and get work done.
   • xianc78 and Woggy's Zeonic Frolicks like this.
   • Machismo (zerglingman@freespeechextremist.com)'s status on Tuesday, 12-Sep-2023 23:51:50 JST Machismo

     in reply to
     @basadeskaiser If only we had a way of submitting very big passwords without ever actually revealing what they are.
   • Woggy's Zeonic Frolicks (washedoutgundampilot@poa.st)'s status on Wednesday, 13-Sep-2023 02:00:15 JST Woggy's Zeonic Frolicks

     in reply to

     • ☪️Hyperhidrosis :verified:
     • blaaablaaaa

     “Thank you for authenticating with your touchprint® ID. Please continue the login process by responding to our email”

   • blaaablaaaa (blaaablaaaa@hermit.cafe)'s status on Wednesday, 13-Sep-2023 02:00:16 JST blaaablaaaa

     in reply to

     • ☪️Hyperhidrosis :verified:
     "We only allow biometrics now! It's so much quicker than entering your saved password!"
   • ☪️Hyperhidrosis :verified: (hyperhidrosis@shitposter.club)'s status on Wednesday, 13-Sep-2023 02:00:17 JST ☪️Hyperhidrosis :verified:

     in reply to
     @basadeskaiser nooo we need your phone number and coordinates :soy:
   • Basades Kaiser (basadeskaiser@cawfee.club)'s status on Wednesday, 13-Sep-2023 02:00:17 JST Basades Kaiser

     in reply to

     • ☪️Hyperhidrosis :verified:
     @Hyperhidrosis need credit card number, birth certificate, blockbuster member card, fingerprints, 30 witnesses a sworn declaration signed by an attorney and a written letter signed by a ship captain sent over certified mail. And you have 30 seconds before you need to refresh the authorization code.
   • Sir Nedwood - Sydney 🇦🇺 (ned@noagendasocial.com)'s status on Sunday, 17-Sep-2023 19:52:54 JST Sir Nedwood - Sydney 🇦🇺

     in reply to

     • Machismo

     @Zerglingman @basadeskaiser what are your thoughts on SQRL? It's basically an application that provides a public key to a website via generated url for authentication. The website provides the link at login, you click it, and if the application is authenticated, your Web session is authenticated.

   • Machismo (zerglingman@freespeechextremist.com)'s status on Sunday, 17-Sep-2023 19:57:59 JST Machismo

     in reply to

     • Sir Nedwood - Sydney 🇦🇺
     @ned @basadeskaiser My memory, from reading the spec a while ago, is that it's a somewhat convoluted way to do a key management tool + auth protocol. W3C adopted it was webauthn, which almost nobody supports (草), and is specifically designed for http.
     Also there were a lot of people saying SQRL is a scam, which as far as I could tell was because they just had some grudge against the dude that wrote it; since SRQL is a spec and thus, by definition, cannot be a scam.
     I'd certainly rather be using it than passwords, at least, but I think how ssh does it is fine.