#3goodthings

☀️ little snowplow gang cuddling under a tree

☀️ phone call because you are the chosen ear when someone is excited about a project they're working on

☀️ magic code to access an account finally arrives via mail .. and surprise! despite dealing with different entities to get to this place, it opens all three of them - no need to wait weeks for the same again just because you won't provide biometric data

#snow #february #Valentinesday #construction #banking #biometrics #2fa

I was wondering why I was always failing my TOTP 2FA logins on the first attempt. Turns out I found a bug in the Authenticator app for GNOME, where it will always give you the wrong codes after resuming the computer from suspend (sometimes after unlocking the app's built-in lockscreen too, I think): https://gitlab.gnome.org/World/Authenticator/-/issues/481

#GNOME #TOTP #2FA

In this small guid I want to show how to setup 2FA for your user(s) on your Ubuntu Desktop machine

https://hostlab.tech/blog/2fa-ubuntu-desktop

#2FA #ubuntu #desktop #linux #tutorial #opensource

Update Adobe (#8536)

#2fa

https://github.com/2factorauth/twofactorauth/commit/101cbee3fba31dd5274ed097525c1d9184598114

Add Link (#8539)

#2fa

https://github.com/2factorauth/twofactorauth/commit/525ea2b6f5d679cbfff63c4fcc1b79d44ac7dd71

Update OpenAI (#8534)

#2fa

https://github.com/2factorauth/twofactorauth/commit/7b8fa1d89ee6d52e0e462eba33ef3fd33ab39dfb

Password Security in 2026: A Practitioner’s View

After years in security, I can say one thing with confidence: most breaches still don’t start with zero-days. They start with credentials.

Phishing, credential stuffing, password reuse — same story, different year.

From the offensive side, weak or reused passwords are still one of the cheapest ways in. From the defensive side, identity remains the most fragile layer in otherwise decent infrastructures.

What I keep seeing in real environments:

The same password reused across multiple services

“Seasonal” patterns like Summer2026!

Credentials leaked in one breach and reused elsewhere

Missing MFA on systems that really should have it

This is why the basics still matter more than shiny tools:

Use a password manager and generate long, random, unique passwords

Use passphrases for master credentials

Enable MFA / 2FA everywhere it’s possible

Treat access reviews and account cleanup as a routine, not an incident response

Technology alone won’t save you, though. If policies are unclear or not enforced, people will always take shortcuts. And shortcuts in identity and access management are exactly what attackers love.

In 2026, this is not about “making life harder for users”. It’s about:

Reducing breach probability

Limiting blast radius

Protecting business continuity

And not turning basic hygiene into an expensive incident

Strong authentication is no longer “advanced security”. It’s just digital hygiene.
And like any hygiene, it only works if it’s systematic and boringly consistent.

#infosec #cybersecurity #passwords #identity #MFA #2FA #bluesky #mastodon #securityengineering #digitalhygiene

Meine IT Datenschutz Liste für alle 2026 !!

https://cryptpad.digitalcourage.de/file/#/2/file/8Qs0TqcP0rIbPpLbHD7IfW3s

#Datenschutz
#Privatsphäre
#Sicherheit
#Verschlüsselung
#Chatkontrolle
#Linux
#Windows
#Windows10
#Endof10
#Windows11
#Betriebssystem
#Supportende
#Gaming
#Browser
#Fediverse
#Mastodon
#Suchmaschine
#Passwortmanager
#Informationssicherheit
#DigitalIndependenceDay
#YouTube
#Werbeblocker
#2FA
#eMail
#Messenger
#UnplugTrump
#BigTech
#AI
#GraniteAct
#CloudAct
#Meta
#Facebook
#TikTok
#Instagram
#DID