I don’t know if amazing or just privileged. Shouldn’t someone stand up in the face of injustice and human rights violation?
- 0 Posts
- 14 Comments
Joined 21 days ago
Cake day: September 24th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Actual gestapo. Can’t wait to see them all face a trial. (I do still hope that fascism can be defeated again.)
2·5 days agoWhat’s wrong with beinhalten?
Why yes I always dreamed of writing code like a full on novel.
Quellcodeanglizismussubstastivbeispielersatzgroßschreibungsregel
Well, they’re not a bad thing per se, it’s just important to remember that by doing that you are essentially delegating the access security (including any means of MFA) from the target website to the password manager. I.e., instead of inputting password and 2FA code for example.com, you have to input your password and 2FA code for the password manager itself. This has the same security guarantees, so long as you don’t set your vault to—for example—never lock automatically.
For the case of passkeys, using Bitwarden, even with 2FA does reduce the security level in my eyes somewhat, since I’d argue passkeys to be a more secure measure than password + OTP. Unless, of course, you use a different passkey to authenticate yourself to Bitwarden.
TLDR; be careful about putting everything inside Bitwarden. You’ll be fine if you make sure to protect your password manager adequately, but if you put OTP secrets (or passkeys) for other website inside Bitwarden AND only use password authentication for Bitwarden without any MFA, then you are effectively reducing your MFA back to a single factor (the Bitwarden password).
I’m afraid user authentication on the internet is broken beyond salvation. It’s already complex enough to grasp fully for tech-savvy people, meanwhile we’ve taught the general population to use password123 for all their accounts and write it on a post-it for a good measure.
If it’s alright with your threat model, you can put the time-based OTPs into your password manager of choice, like Bitwarden. Upon filling your username and password, it places your OTP in your clipboard, so that you can simply paste it in. This does of course reduce the security of the system slightly, since you centralize your passwords and your OTPs. When opting for this method, it is therefore imperative to protect your password manager even more, like via setting up 2FA for the password manager itself or making sure your account gets locked after something like 10 minutes of inactivity. The usability aspect is improved by using a yubikey or another similar physical key technology.
You, kind sir, are giving me ideas…
This crucification is sponsored by Nord VPN
5·11 days ago[…] it was long-standing tradition to only feature portraits of deceased individuals on currency and coin.
That tradition became law with an 1866 Act of Congress
Does the treasury department know something that we don’t about events that may or may not happen before the anniversary?
That’s right, it goes in the square hole!
And that’s why I added a crontab entry that periodically purges my cron configuration. That way, I’m forced to readd only the truly necessary cron jobs, successfully reducing the amount of crontab entries.
10·20 days agoShould’ve read the mail carrier’s thoughts smh
It comes from the Latin word for Switzerland (or at least what was there back then).