bigfoot, not bigot
- 0 Posts
- 8 Comments
Joined 3 years ago
Cake day: June 9th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
57·1 month agowhy return to US?
2·6 months agothat’s like calling strong randomly generated passwords 1.5FA.
with proper MFA, even if you steal my password (database), you won’t be able to steal my account, as you’re missing the second factor. with classic otp this is just a single use number you enter on the potentially compromised system, but if you get the seed (secret) stolen, valid numbers can be generated continuously.
password managers (should) protect against reuse. MFA protects against logins on untrusted and potentially compromised systems/keyloggers if they’re not extracted live. password managers with auto fill and phishing resistant MFA can prevent phising, although the password manager variant is still easily bypassed when the user isn’t paying enough attention, as it’s not even that uncommon for login domains to change. obviously there are also other risks on compromised devices, like session cookie exfiltration, and there is a lot of bullshit info around from websites, especially the ones harvesting phone numbers while claiming to require it for 2FA just to gaslight users.
FreeOTP/FreeOTP+
depending on your goal for this (real 2fa vs just simulated) you shouldn’t have sync in the first place.
you could also look into security keys (hardware solution, webauthn/FIDO2) as an alternative that has strong security with good user experience (no typing anymore), but they’re not as widely accepted.
2·11 months agoyou can also just check
dpkg -L $installed_package_name | grep /etc/apt/to find files that would have been installed by the package there.
2·1 year agonone of those technologies that you mentioned execute on the browser at all
sounds like you haven’t met webassembly yet :D
- https://github.com/seanmorris/php-wasm
- https://github.com/ruby/ruby.wasm
- https://github.com/m-butterfield/django_webassembly
please don’t take this as a recommendation to use that, but it does exist.
that’s odd, my (indirect, reported by others) experience with GlobalProtect on Linux was mostly fine, although when using SAML it only really works with the GUI version and not the CLI version
yes