🚨 New Video: Protecting You From Yourself - The Token2 Review

We have looked at the industry standard (YubiKey) and the philosophical idealist (Nitrokey). Today, we’re looking at the aggressor: Token2.

The PIN+ Dual Release 3.3 and the Bio3 come in at nearly half the price of the competition, but there is a catch. This Swiss company doesn't care about convenience; they care about correctness. From hardware-enforced complex PINs to a literal war on legacy TOTP codes, Token2 assumes your ego is your biggest vulnerability.

Is this cynical, locked-down approach exactly what we need for true digital sovereignty, or is the clunky user experience a dealbreaker? Let's find out if this is the ultimate punk rock choice for your threat model.

Part 5 of the Sovereign Authentication series.

100% human made. #NoAI 

▶️ YouTube: https://www.youtube.com/watch?v=lQlN84gEb9c
📺 PeerTube: https://gnulinux.tube/w/fZbyKea1b6QJVQoFE4oQso

💬 Join our sovereign community on Stoat: https://stt.gg/GgB6HBTv
☕ Support the mission: https://liberapay.com/terminaltilt
🤝 Become a channel member: https://www.youtube.com/@TerminalTilt/join

#TerminalTilt #NoAI #Privacy #Security #PasswordManager #Token2 #Nitrokey #Yubikey #Yubico #FOSS #OpenSource #Linux #Cybersecurity #SelfHosted #DeGoogle #DigitalSovereignty #QueerCreator #DisabledCreator #HumanMade #TechEthics

What does 'we protect your data' actually mean?

Most companies: a policy.
We literally cannot read yours: that's math, not a promise.

Our engineers see encrypted blobs. Nothing more. AES-256-GCM, key never leaves your device.

https://wiggwigg.ca/en/security/application-security/

#ZeroKnowledge #Privacy #InfoSec #Fediverse #CanadianTech #PrivacyCanada #IndieWeb #PasswordManager #Encryption #AppSecurity

1/3

Imaginez un serrurier qui forge votre coffre-fort sans jamais garder la clé. C'est ça, la connaissance nulle : la clé de déchiffrement ne quitte jamais votre appareil. Nos serveurs conservent du charabia. Pas par politique. Mathématiquement.

https://wiggwigg.ca/fr/securite/zero-connaissance/

#InfoSec #Privacy #ZeroKnowledge #PasswordManager #CanadianTech #Encryption #PrivacyFirst #Fediverse #IndieWeb

1/3

So not only does @bitwarden accept slop machine-generated code for their clients now, they also *hide which commits have been "co-authored" by the slop machine* so that it's more difficult to tell at what speed the clients are being slopified 🙃

The clients are the most security-sensitive parts since it's where the encryption keys live.

This really sucks.

https://github.com/bitwarden/android/pull/6588

#Slop #FOSS #LLMs #Enshittification #BitWarden #PasswordManager #Code #Claude #GodDammitIHaveToFindAnAlternativeNow

Switch to a European password manager.

Advice #005
Digital Sovereignty Council
#PasswordManager #diday #DigitalSovereignty

Thinking of moving away from 1Password as manager.

Anybody have a trustworthy and relative user-friendly European based, non AI entangled, one to recommend?

#passwordmanager #recommendation #danmarkskifter

I just stumbled along this beauty of a thread:
https://community.bitwarden.com/t/inheritance-of-access-permissions-for-nested-collections/873?u=peritia-system

#bitwarden #passwordmanager

Seriously @bitwarden

What are you thinking i am sorry but that is insane