574

submitted 2 days ago by Early_To_Risa@sh.itjust.works to c/greentext@sh.itjust.works

107 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] lmmarsano@lemmynsfw.com 1 points 1 day ago* (last edited 1 day ago)

Nah, any decent password manager or security application can manage multi-factor security credentials of any kind without lock-out due to phone loss.

Password authentication is beyond primitive by offering too many avenues of attack: the full secret is transmitted & shared. Passkeys, client certificates, OTP don't transmit the secret key. Passkeys & client certificates authentication never share a secret key, so the server can't expose it.

this post was submitted on 16 Mar 2025

574 points (97.5% liked)

Greentext

5726 readers

1650 users here now

This is a place to share greentexts and witness the confounding life of Anon. If you're new to the Greentext community, think of it as a sort of zoo with Anon as the main attraction.

Be warned:

Anon is often crazy.
Anon is often depressed.
Anon frequently shares thoughts that are immature, offensive, or incomprehensible.

If you find yourself getting angry (or god forbid, agreeing) with something Anon has said, you might be doing it wrong.

founded 1 year ago

MODERATORS

Early_To_Risa@sh.itjust.works