Conversation

Notices

1. Embed this notice
   Timothy Clark (tclark@mstdn.social)'s status on Saturday, 01-Feb-2025 03:13:51 JST Timothy Clark

   • Matthew Lyon

   @mattly tangentially related -- it's time for me to blow the dust off my website and rebuild my blog. It used to be totally roll-by hand with PHP reading in text files. I'm not super convinced I want to go with Wordpress but I'm looking for something with minimal futzing on the command line. What do you use on lyonheart.us ?

   • Embed this notice
     Timothy Clark (tclark@mstdn.social)'s status on Saturday, 01-Feb-2025 03:30:02 JST Timothy Clark

     • Matthew Lyon

     @mattly thanks! i know most slightly techier folks use stuff like Ghost, but I'm not sure I want to wade that deeply into adminning the server. i might just end up going with Wordpress or update my "PHP pulls in text files" and that'll *work* for what I need but I'd also like to add RSS.

   • Embed this notice
     Timothy Clark (tclark@mstdn.social)'s status on Saturday, 01-Feb-2025 03:33:35 JST Timothy Clark

     • Matthew Lyon

     @mattly Yeah I'm heavily leaning toward flat files that pull in text and no database. I don't need a full-up "publishing" system.

   • Embed this notice
     Timothy Clark (tclark@mstdn.social)'s status on Saturday, 22-Feb-2025 03:24:46 JST Timothy Clark

     • Matthew Lyon

     @mattly that new trend is pure idiocy and I cannot be convinced otherwise.

   • Embed this notice
     Emile Snyder (esnyder@mastodon.social)'s status on Saturday, 22-Feb-2025 04:53:58 JST Emile Snyder

     • Matthew Lyon

     @mattly I really like your login bingo series of blog posts!

     Something that has always surprised me about oauth is the lack of discussion for end users about identity providers' level of control over your digital life. Every service I use that requires Google or GitHub as an identity provider is one more fiber in the cable binding me to Google/GitHub.

     I'm not even sure how to figure out what all those fibers are, if I want to get rid of my Google account, let alone how to change them.

   • Embed this notice
     Emile Snyder (esnyder@mastodon.social)'s status on Saturday, 22-Feb-2025 04:53:58 JST Emile Snyder

     in reply to

     • Matthew Lyon

     @mattly I don't know if it fits into this series, but I would be fascinated to hear your take on these sorts of questions.

   • Embed this notice
     Matthew Thomas (mpt@mastodon.nz)'s status on Sunday, 23-Feb-2025 03:36:17 JST Matthew Thomas

     • Matthew Lyon

     @mattly I often see people complaining about this. Unfortunately, the disabling/hiding solution might be even worse. People who clicked/Tabbed to the password field would then pay extra attention to their keyboard (because passwords are masked), so would take a while to realise that the field they thought they were typing into had gone AWOL.

     Alternatively, consider what icloud.com does: hide the password field by default, but if needed, reveal and focus it on the same page, not a separate page.

   • Embed this notice
     Keith Wansbrough (kw217@mathstodon.xyz)'s status on Tuesday, 25-Feb-2025 04:25:07 JST Keith Wansbrough

     • Matthew Lyon

     @mattly thank you, this series is amazing! Binge reading it just now and will definitely be issuing some pointed shares.

   • Embed this notice
     Jenniferplusplus (jenniferplusplus@hachyderm.io)'s status on Thursday, 27-Feb-2025 02:37:27 JST Jenniferplusplus

     • Matthew Lyon

     @mattly ok, but in this same vein, do you plan to cover security questions? Because among my many complaints with those is that I think it's wildly unreasonable to expect me to remember how I capitalized my answer about my childhood pets or whatever.

   • Embed this notice
     Jenniferplusplus (jenniferplusplus@hachyderm.io)'s status on Thursday, 27-Feb-2025 02:42:55 JST Jenniferplusplus

     • Matthew Lyon

     @mattly amazing

   • Embed this notice
     Emelia 👸🏻 (thisismissem@hachyderm.io)'s status on Wednesday, 05-Mar-2025 04:24:31 JST Emelia 👸🏻

     • Matthew Lyon

     @mattly perhaps also for that is using Device Code Grant Flow for input (UI) constrained devices or clients.

     Your terminal app should probably be using this instead of asking for a password directly.

   • Embed this notice
     Emelia 👸🏻 (thisismissem@hachyderm.io)'s status on Wednesday, 05-Mar-2025 04:30:02 JST Emelia 👸🏻

     • Matthew Lyon

     @mattly yup, they're applicable here, though most known for input constrained devices.

     I'm planning to bring them to Mastodon this year if I can secure funding for that work.