overview for pitninja

Bitwarden has launched a new authenticator app in c/technology@lemmy.world

[–] pitninja@lemmy.ml 3 points 9 months ago

That may have been part of the reason, but the theory behind MFA is that there are 3 primary ways to authenticate who you are: what you know (password), what you have (secure one time password generator or hardware token), and what you are (biometrics). Password managers and digital one time password generators have kind of blurred the lines between passwords and one time passwords, but you're raising your risk a bit if you put them in the same place.

The Internet Archive's last-ditch effort to save itself in c/technology@lemmy.ml

[–] pitninja@lemmy.ml 1 points 9 months ago* (last edited 9 months ago)

That's probably true, but if the satire is annoying in its own right, I'm not going to indulge it either lol

Bitwarden has launched a new authenticator app in c/technology@lemmy.world

[–] pitninja@lemmy.ml 7 points 9 months ago (4 children)

Even if I hosted my own BitWarden vault, I wouldn't put my passwords and 2 factor tokens in the same place because it's eliminating the benefits that 2 factor provides if someone somehow manages to get into my vault.

Bitwarden has launched a new authenticator app in c/technology@lemmy.world

[–] pitninja@lemmy.ml 3 points 9 months ago* (last edited 9 months ago) (2 children)

Exactly, from a security perspective, it's a bad idea to put 2 factor tokens together with your passwords. You effectively eliminate the security benefit that 2 factor provides if you do because if people get into your password manager, they have everything they need to access your accounts. The only people it "helps" having it all in one app are people who don't understand the purpose of 2 factor and just see it as an inconvenience when services force it on them. Even though I use BitWarden for passwords, I don't think that I'll be changing from Aegis to BitWarden's stand-alone authenticator because Aegis is doing its job nicely.

Bitwarden has launched a new authenticator app in c/technology@lemmy.world

choose the wiser path in c/memes@lemmy.ml

[–] pitninja@lemmy.ml 1 points 2 years ago

Reddit died for y'all's sins.

Lemmy.world upgraded to 0.18.1-rc.1 in c/lemmyworld@lemmy.world

[–] pitninja@lemmy.ml 1 points 2 years ago

Well, it's gonna cause a few more unfortunately, I think, because there are definitely some bugs in 0.18.1-rc.1

Question: when is sh.itjust.works going to upgrading to v0.18. in c/main@sh.itjust.works

[–] pitninja@lemmy.ml 4 points 2 years ago (1 children)

Yeah and captcha got yanked out again. I understand they needed to get it out the door, I just don't see the argument for removing captcha when it appeared to be doing at least some good in preventing bots 🤷

Question: when is sh.itjust.works going to upgrading to v0.18. in c/main@sh.itjust.works

[–] pitninja@lemmy.ml 2 points 2 years ago (3 children)

v0.18 final was released pretty much as you were commenting in here.

Why do some posts and communities not show up on all instances? in c/lemmy@lemmy.ml

[–] pitninja@lemmy.ml 2 points 2 years ago

It's pretty bad, if your instance is missing comments and posts from another instance, they're going to be missing the comments indefinitely unless back filling is ever added to the protocol or unless users do what you're doing to manually pull comments and posts in. I think we'll see some federation improvements on the next major version of Lemmy after v0.18, but it's probably going to be shitty and unreliable until then. My personal instance is basically unusable right now.