📢 @selfhosted: Đang tìm người kiểm thử macOS cho **desktop‑2fa**, công cụ TOTP offline chạy trên desktop. Cài đặt qua Homebrew tap: `brew tap wrogistefan/desktop-2fa && brew install desktop-2fa`. Cần phản hồi về cài đặt, chạy CLI, tạo/import vault và các vấn đề macOS‑specific. Mọi hỗ trợ đều rất quý giá! #selfhosted #macOS #TOTP #CLI #opensource #tự_chủ #bảo_mật #phần_mềm_mở

https://www.reddit.com/r/selfhosted/comments/1q5unp8/looking_for_macos_testers_for_desktop2fa_offline/

Tôi đã tạo một công cụ 2FA/TOTP dùng cục bộ, hoạt động ngoại tuyến vì quá mệt mỏi với việc quản lý token trên điện thoại. Công cụ chạy hoàn toàn trong trình duyệt, không cần backend, dữ liệu lưu cục bộ (localStorage), hỗ trợ xuất/nhập. Phù hợp cho nhà phát triển kiểm thử và gỡ lỗi. Không tài khoản, không đồng bộ, không theo dõi. #2FA #TOTP #Offline #Security #MậtMãHóa #BảoMật #OpenSource #CôngCụLậpTrình

https://www.reddit.com/r/opensource/comments/1q5jzqd/oss_i_built_a_localfirst_offline_2fatot

The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.

#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.

Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.

#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.

The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".

Burn it.

Mein #DUT Projekt:
KeePassXC statt Passwörtern auf Zetteln und im Browserspeicher.

KeePassXC und Firefox-Plugin sind installiert, jetzt beginnt der Alltagstest.

Gut, dass man (vorerst) auch die alten Passwörter in KeePass weiter verwenden kann. Das macht den Start leichter.

Erst einmal ein paar kleine Webseiten ausprobieren.

- Wie ist das mit #TOTP #2FA?
- Ersetzt KeePassXC auch den Gnome Passwortspeicher #Seahorse?
- Kann man das auch z.B. für SSH-Keys verwenden?
- Funktioniert das auch mit WLAN-Zugangsdaten (z.B. PSK oder RADIUS)

… na, es gibt noch viel zu entdecken.
#didit

RE: https://tech.lgbt/@somebitslinks/115758462063327365

Lady Gaga is #totp (around 21 Dec 2025)

select json_group_array(artists.name), tracks.name, tracks.popularity
from tracks
join track_artists on track_rowid = tracks.rowid
join artists on artist_rowid = artists.rowid
where tracks.id in (select id from tracks order by popularity desc limit 3)
group by tracks.id;