Not sure where that leaves the young people today
On the street.
Not sure where that leaves the young people today
On the street.
Windows is malware.
Apple and Microsoft support aren’t exactly awesome, either, unless you’re a big business with deep pockets. At least with Linux, the system is open, so if there is a way to solve my problem, someone has almost certainly found it already and added it to Arch Wiki or Stack Overflow or something.
Working as intended.
Well, they sure aren’t pleasing me.
Sounds like an interesting idea. Pity MS can’t be bothered to iron out the issues with it.
They want to make it impossible to block other machines by address? Including ones that are attacking you? That’s a horrible idea.
Also, this sounds like it will require way too much intelligence in the network itself. The Internet works because the big trunk routers do very little processing per packet—just look at the destination address, decrement TTL, and send the packet to the next router. If trunk routers have to do a lot of per-packet processing or keep track of every single node on the network, they’ll fall over very quickly.
Horrifying to see Biden and the Dems unite with the Republicans on an anti-LGBT+ bill.
KeePassXC seems reputable, so I guess I’ll try to use that when the time comes.
I’ve only used SMS and Steam 2FA so far. I’ve been avoiding 2FA as much as I can.
How do I feed the generated QR code back to GitHub, then? Can I upload an image of it?
How will I notice when the spare fails, if it’s only a spare and I don’t regularly use it? Then I’m down to only one key, and as any grumpy backup admin will tell you, if you have only one copy of something, you have zero copies.
I would have a key plugged into the computer pretty much all the time when I’m working, so anyone who compromises the computer can impersonate me as long as I’m at work. This would be mildly inconvenient to the attacker, but wouldn’t actually stop the attacker. And if the computer isn’t compromised, how is anyone going to get into my GitHub account even without 2FA? They certainly aren’t going to do it by guessing my 16-character generated password or Ed25519 SSH key.
Something-I-know is worthless for authentication in the age of GPU password cracking. Most humans, including myself, do not have photographic memories with which to memorize cryptographically secure passwords. We’re all using password managers for a reason, and a password database is something you have, not something you know.
I can do that with alphanumeric codes, yeah, but can I get alphanumeric codes from GitHub, or is it going to be a QR code? I can’t write down a QR code…
Printing recovery codes would require me to either be price gouged by the printer ink cartel or use someone else’s printer, and using someone else’s printer is begging to get my account stolen.
I have no idea how to hammer things into metal plates, but I’m guessing that’s even more expensive than printer ink.
…through a third-party cloud server that you have no good reason to trust. No bueno. Keep sensitive information off the cloud unless you want it to become public.
Allowing a smartphone access to anything sensitive is even worse advice. Smartphones are notoriously insecure.
That’s a pretty absurd take in 2023. Tracking and surveillance is rampant these days.
It’s pretty hard to hand-write a QR code, I don’t wish to pay the printer cartel $50 for the privilege of printing it, and it would of course be horribly insecure to print it with someone else’s printer.
And how would I use the QR code? I can’t scan it with my phone’s camera because allowing my phone access to my GitHub account is a security risk, and I can’t scan it with my desktop because it doesn’t have a camera.
So, how is this going to work? How do I recover my GitHub account without making it less secure than it is with just a password?
The use of a “secure enclave” for any purpose is a bug at best, because secure enclaves aren’t just secure against your adversaries; they’re also secure against you. This is intolerable. All machines must obey their owner, and “secure enclaves” by design don’t.
Since when could young people afford to buy a house?