Conversation

Notices

Embed this notice
Amolith (amolith@nixnet.social)'s status on Wednesday, 01-Nov-2023 04:53:53 JST Amolith

I've had an idea for a new blog post :akko_thonk:

My approach to safely handling hardware MFA tokens so you don't royally fuck yourself when (not if!) you end up losing them. I'll also address handling the aftermath of losing them: considering those hardware tokens completely compromised, which requires removing them from every site you added them to.

In conversation Wednesday, 01-Nov-2023 04:53:53 JST from nixnet.social permalink
- Haelwenn /элвэн/ :triskell: and NeonPurpleStar :heart_bi: like this.
- Haelwenn /элвэн/ :triskell: repeated this.
- Embed this notice
  Amolith (amolith@nixnet.social)'s status on Wednesday, 01-Nov-2023 04:59:47 JST Amolith
  in reply to
  
  I did kinda fuck myself with some sites and I'm having to go through an identity verification mess.
  
  I also realised a day or so ago that I need to consider the TOTP aspect compromised, requiring me to regenerate secret TOTP tokens everywhere. WebAuthn and FIDO2 are compromised too, so I need to remove these devices from all the sites I added them to.
  
  It's going to be a fuck ton of work :amolith_woozy:
  
  In conversation Wednesday, 01-Nov-2023 04:59:47 JST permalink
  
  Haelwenn /элвэн/ :triskell: likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 01-Nov-2023 05:01:20 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @amolith Ruthless Machine (computer) meets the chaos of real life.
  
  Which reminds me of this article from someone whose house burnt, and so had nearly nothing proving their identity (other than I guess testimony).
  
  In conversation Wednesday, 01-Nov-2023 05:01:20 JST permalink
- Embed this notice
  Amolith (amolith@nixnet.social)'s status on Wednesday, 01-Nov-2023 05:05:40 JST Amolith
  in reply to
  - Haelwenn /элвэн/ :triskell:
  @lanodan I remember reading that too and the prospect scares me :neofox_sip_nervous:
  
  In conversation Wednesday, 01-Nov-2023 05:05:40 JST permalink
  
  Haelwenn /элвэн/ :triskell: likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 01-Nov-2023 05:06:39 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @amolith Same, at least in France I know that testimonies of identities are valid but it low-key makes me wish to have something like a dogtag (even though I'm an anti-militarist) for some public identifiers (like say social security number, I hate it but it's hecking resistant by design).
  
  In conversation Wednesday, 01-Nov-2023 05:06:39 JST permalink

Public

Notices

Feeds