Hello fellow BearBloggers (BBs? Babies? someone stop me I am going insane). Didn't post in a while and I had something planned but life always gives us the best little surprises. I am here to scream. What the fuck is wrong with online logins? Just to begin with, I need an account for absolutely anything. Want to use this cool webapp? Well give me your email address, create a username, and have even more freaking data points in your life, surely nobody will try to exploit those to learn more about you/your environment and weaponize it against your interests! Check this cool ad! Secondly, didn't we already figure this one out? We have been logging into sites... forever (aprox). You have a username/email and a password. You are concerned of security (as you should) and setup 2FA (because surely the service provides such basic auth mechanisms, right?). So what do we do? Use existing, public, free and secure standards and hashing for creating 6-digit TOTP? Fuck no. Open that email inbox…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.