CN=MFA_Everywhere,OU=BLM

@SporkSan@infosec.exchange
99 Followers
468 Following
237 Posts
Bad at Video Games. Bow-tie, popcorn, beer & identity enthusiast. #RVA #DSA Views are my own. He/His.
CN=MFA_Everywhere,OU=BLMMay 20
iinuwaMay 8

There's a lot of talk about passkeys recently and how they're not as good as strong, random, unique passwords in terms of UX and security. I agree with the UX part: the industry needs to converge on better and more consistent passkey UX in order for this to become mainstream and useful long-term.

But I don't agree on the security front: the phishing resistance property of passkeys is much better than passwords. @iamkale explains it well in his article: https://blog.millerti.me/2024/10/18/password-managers-arent-replacements-for-passkeys/

#Passkeys

Password managers aren't replacements for passkeys

There was some recent discourse about passkeys that bemoaned that they have so many issues that it’s better to stick with a password manager. The idea is that maintaining strong, unique passwords via a password manager is easier for users to understand. This completely misses the key point about why passkeys are such a stronger way of protecting login, though, so I decided to spend some time to compare the two approaches.

Matt's Headroom
CN=MFA_Everywhere,OU=BLMMay 20
iinuwaMay 19

For a while, I've been working with some other developers on improving passkey support in Linux. Here are my thoughts on what the road to a secure native API for interacting with passkeys. We'll need TPM support, measured boot, a virtual TEE, sandboxing kernel modules and more.

Sounds intriguing? Read here:

https://www.iinuwa.xyz/blog/linux-passkeys-update/

#Passkeys #Linux

Linux Passkeys Update

An update on improving passkey support in Linux

CN=MFA_Everywhere,OU=BLMMay 1
Celebrating #WorldPasskeyDay at #RSAC2025. Come say hi at the @yubico booth, 3301, and talk all things authentication! #FidoAlliance #YubiKey
CN=MFA_Everywhere,OU=BLMApr 22
VeeApr 20
CN=MFA_Everywhere,OU=BLMMar 5
Molly WhiteMar 5

Coinbase Chief Legal Officer: the critics who think we’ve bought out the government are refusing to engage with the nuanced and complicated fact that Trump used to be anti-crypto before we started spending hundreds of millions of dollars on politics

#Coinbase #crypto #cryptocurrency

CN=MFA_Everywhere,OU=BLMMar 4
ProjectFearlessnessMar 4

The People Vs Elon.
London.

#BoycottMusk

CN=MFA_Everywhere,OU=BLMFeb 26
Kevin RothrockFeb 26
Fuck this guy.
CN=MFA_Everywhere,OU=BLMFeb 26
Kim PeralesFeb 26

"GOP women voted for Trump, believing complicity would save them. MAGA men: pushing them out of l'ship, de facto legalizing abuse, & signaling that the era of "chivalry" will be replaced with the era of eating shit."

"Autocratic ldrs: Napoléon: decriminalized the murder of unfaithful wives -Mussolini: claimed that women “never created anything.” 21C is proving #misogyny & #authoritarianism aren't just common comorbidities but mutually reinforcing ills." -FA 2/22

#USPol
https://www.salon.com/2025/02/26/a-woman-is-like-a-child-maga-quickly-turns-its-sights-on-stripping-women-of-power/

MAGA men are already coming for GOP women

Salon.com
CN=MFA_Everywhere,OU=BLMFeb 25
VeeFeb 25
Now THAT's how it's done!
CN=MFA_Everywhere,OU=BLMFeb 25
Rachamim FarnworthFeb 7

“Do Not Comply In Advance”

❌bossy
❌already a cliche
❌ implies permission to comply later

“Fuck You, Make Me”

✔️ leads by example
✔️directs yelling at opposition instead of allies
✔️ easy to chant at a protest or put on a banner"