BLUE

Csignorina37.rfeed.itSep 30, 2024 1:26pm

"Eh ma tanto basta cambiare la password!" NO. NO e NO! La #password #passkey e mai usare la stessa password per tutti gli account. >>>

Rransomfeed.rfeed.itSep 30, 2024 10:15am

Meta fined €91M for storing user passwords in plaintext: in 2019 passwords were easily accessible to more than 2k engineers. Not a slip, it’s a full-on failure to respect user #privacy, and every #security policy, as #Facebook leaked passwords databases are recurringly sold on the dark web.

Nfrost.wolfdo.gg.ap.brid.gySep 30, 2024 8:11am

annoying niche problem: trying to sign into google on a new device, but the browser it's using is so outdated that it gets stuck trying to bring up the passkey prompt for 2FA

leviticus-aru.bsky.socialSep 28, 2024 12:56pm

在公共电脑上通过蓝牙与手机上的 Passkey 通信可以实现登录，但是大部分公共电脑其实并没有蓝牙🤥

Aazu.bsky.socialSep 28, 2024 10:26am

見てる: "Safari 18で Automatic Passkey Upgrades をやってみた" https://zenn.dev/gebo/articles/webauthn-safari18-passkey-upgrades

CHtheartoftheself.bsky.socialSep 28, 2024 8:04am

using Proton Pass to store my 2FA TOTP authentication codes, while still using Bitwarden as my password/passkey manager, giving me that lil bit of separation between login factors for tiny bump in security

MSmikesager.netSep 27, 2024 4:29pm

All the counts in here are for account takeover attacks (via phishing). Per my, admittedly quick, read, EVERY single one of these could have been prevented by simply adopting a FIDO2 based security key or passkey as the second factor with the elimination of alternate backups. Every single thing here

JJjoshuajfriedman.comSep 27, 2024 4:21pm

NEW: The indictment against members of Iran's Islamic Revolutionary Guard Corps for hacking the Trump campaign has been unsealed (via Kyle Cheney, Politico) s3.documentcloud.org/documents/25...

INTRODUCTION
Beginning in or around January 2020, and continuing through at least September
2024, malicious cyber actors employed by the Islamic Republic of Iran's ("Iran") Islamic Revolutionary Guard Corps ("IRGC"), Masoud Jalili ("JALILI", Seyyed Ali Aghamiri ("AGHAMIRI"), Yaser Balaghi ("BALAGHI), and other persons known and unknown to the Grand Jury (collectively, "Conspirators"), prepared for and engaged in a wide-ranging hacking campaign that used spearphishing and social engineering techniques to target and compromise the accounts of current and former U.S. government officials, members of the media,
nongovernmental organizations, and individuals associated with U.S. political campaigns. Such
activity is part of Iran's continuing efforts to stoke discord, erode confidence in the U.S. electoral
process, and unlawfully acquire information relating to current and former U.S. officials that could
be used to advance the malign activities of the IRGC.

Follow link above for full text.

RRxBrad.mastodon.rxbrad.com.ap.brid.gySep 27, 2024 12:59pm

If the concept of a #passkey confuses nerds like me, the general public must be totally mystified. Someone smart needs to demystify them. Otherwise, whenever anyone gets that notification saying to replace their password with a passkey, they'll just nope out of it like I've been doing.

usama345.bsky.socialSep 27, 2024 11:01pm

Say Goodbye To Password With Google New Passkey Feature Read more : mediaray.blog #password #google #passkey #goodbye

sylee.devSep 27, 2024 7:29am

網路黑手的呢喃 #55 chat.sylee.dev/2024/09/27/%... - 開源 Drama 再起，這次變成 WordPress vs WPEngine - Bun 還是一如慣例的激進，非常讚！ - Deno 2 這次真的快到了 - 針對開戰 Oracle 的 JavaScript 商標權 - 非常好物 Nushell - 讀書系列之 Cloudflare 優化分享以及 DHH 的自家 Passkey 經驗談、機器人大軍變身鼓勵師

網路黑手的呢喃 #55

開源 Drama 再起，這次變成 WordPress vs WPEngine、Bun 還是一如慣例的激進，非常讚！Deno 2 這次真的快到了、針對開戰 Oracle 的 JavaScript 商標權、非常好物 Nushell、讀書系列之 Cloudflare 優化分享以及 DHH 的自家 Passkey 經驗談、機器人大軍變身鼓勵師當然少不了的網路好東西～

Ffreeman.mk.gregorius.club.ap.brid.gySep 26, 2024 11:50pm

I am NOT using a passkey