By @edent · 2fa CyberSecurity MFA passwords totp · 3 comments · 100 words · read ~207 times.
Recently, WordPress got in contact with me to say they suspect that my password was exposed in some sort of data breach. Well, it's a day ending with a "y" - so of course some scumbag has pilfered my digital identity. WordPress mandated that I change my password. But was that really necessary? Firstly, the […]
Continue reading →By @edent · 2fa passwords security sms usability · 10 comments · 900 words · read ~620 times.
The other day, a company sent me a 2FA code which was only four digits long. I'll admit, this weirded me out. Surely 4 is just far too short. Right? I think almost every 2FA code I've seen has been 6 digits long. Even back in the days of carrying one of those physical RSA […]
Continue reading →By @edent · 2fa passwords security · 123 comments · 1,500 words · read ~50,704 times.
Imagine… Last night, lightning struck our house and burned it down. I escaped wearing only my nightclothes. In an instant, everything was vaporised. Laptop? Cinders. Phone? Ashes. Home server? A smouldering wreck. Yubikey? A charred chunk of gristle. This presents something of a problem. In order to recover my digital life, I need to be […]
Continue reading →By @edent · android bitwarden emoji linux passwords security · 4 comments · 150 words · read ~319 times.
Let me start by saying that Emoji Passwords are probably a really daft idea. I want to use emoji in my passwords. They're easy to type on a mobile keyboard, easy to remember, and a lot more fun than boring ASCII characters. Let's go with ✅🐎🔋📎 (As close as possible to Correct Horse Battery Staple) […]
Continue reading →By @edent · 2fa passwords security · 2 comments · 300 words · read ~294 times.
Last year, when doing some digital spring-cleaning, I realised that I had 800 different passwords. I tried going through them, removing long-dead websites, closing old accounts, and deleting anything incriminating. I now have 891 accounts. Arse. I also went through my 31 different 2FA accounts. Getting rid of old employers' email tokens, failed crypto wallet […]
Continue reading →By @edent · 2fa passwords security usability · 7 comments · 650 words · read ~1,044 times.
Last week I wrote about how I had 800 passwords in my password manager. It was intended to highlight the ridiculous proliferation of online services, and how redecentralising identity comes with a manageability problem. I now want to talk about 2FA - Two-Factor Authentication - the random codes you have to type in every time […]
Continue reading →By @edent · passwords security usability ux · 10 comments · 500 words · read ~8,348 times.
I've started using BitWarden - the open source password manager. As I've been binge-watching Marie Kondo, I thought it was about time that I deleted all the accounts that I no longer user. I got rid of dozens related to previous employers. I hope the passwords wouldn't work after I left but 🤷♂️. I scanned […]
Continue reading →By @edent · bitwarden NaBloPoMo passwords review · 1 comment · 300 words · read ~1,657 times.
I've been a long time user of LastPass - but over the last year, they've abandoned their Linux customers and insisted that users pay to access enhanced security. Forget that noise! I started looking for a new password manager and, on the recommendation of several friends, started using BitWarden. Pros Open Source! Works in the […]
Continue reading →By @edent · passwords phishing security twitter · 2 comments · 300 words · read ~1,588 times.
Companies face a complicated choice. Make things easy for the customers, or make things secure for them. Convenience seems to take priority most of the time. This forces companies to get their customers to risk their own security. In this example, we see Verizon Wireless asking their customers to type their passwords into Twitter for […]
Continue reading →By @edent · HTML idiots passwords security usability · 3 comments · 200 words · read ~399 times.
We've all been faced with this screen, right? You haven't logged in to a website for a while, so it prompts you to change your password. sigh Annoying but probably necessary. The problem was, every time I tried to change my password, it told me that my old password was invalid. The one that I'd […]
Continue reading →