Hrefna (DHC)Jul 20, 2023

If you are talking to someone who is not currently using:

* A password manager
* MFA on most or all accounts that allow it
* An up to date operating system on all of their devices

Please stop yourself from recommending:

* A VPN
* Tor
* Tails (or any variations/equivalents)

Just… rewind a bit and help with the first items first.

Show threadTheAnymouseProphetAug 8, 2023

@hrefna
Sorry but I do not like password managers.

I don't understand why the industry doesn't move to something like ssh keys that git uses. Much more secure than passwords, hence why those who develop software prefer it.

As far as 2FA, have you ever not been able to pay a bill because your phone died?

Happened to my mom.

Frack that.

Show threadBryanAug 8, 2023
@SocialJusticeHeals Why? Most major services have multiple methods.
Show threadTheAnymouseProphet

@bryan
She couldn't log into her bank account with 2FA because her phone was dead and couldn't authenticate her login.

Many people may have multiple 2FA methods set up but not everyone does, nor can everyone afford to just immediately replace their phone when it dies (or is stolen).

I like 2FA but for many people, it can become a single point of failure. You know, the exact thing intelligent engineers try to avoid.

Passwords are bad technology anyway, authentication keys are better and it +

Aug 8, 2023 at 6:55amFedilab
Show threadTheAnymouseProphetAug 8, 2023
@bryan
literally boggles my mind that the industry still doesn't use authentication keys for secure logins. It's not exactly new technology.