Something interesting

  • 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle
  • That may have been part of the reason, but the theory behind MFA is that there are 3 primary ways to authenticate who you are: what you know (password), what you have (secure one time password generator or hardware token), and what you are (biometrics). Password managers and digital one time password generators have kind of blurred the lines between passwords and one time passwords, but you’re raising your risk a bit if you put them in the same place.




  • Exactly, from a security perspective, it’s a bad idea to put 2 factor tokens together with your passwords. You effectively eliminate the security benefit that 2 factor provides if you do because if people get into your password manager, they have everything they need to access your accounts. The only people it “helps” having it all in one app are people who don’t understand the purpose of 2 factor and just see it as an inconvenience when services force it on them. Even though I use BitWarden for passwords, I don’t think that I’ll be changing from Aegis to BitWarden’s stand-alone authenticator because Aegis is doing its job nicely.





  • It’s pretty bad, if your instance is missing comments and posts from another instance, they’re going to be missing the comments indefinitely unless back filling is ever added to the protocol or unless users do what you’re doing to manually pull comments and posts in. I think we’ll see some federation improvements on the next major version of Lemmy after v0.18, but it’s probably going to be shitty and unreliable until then. My personal instance is basically unusable right now.