Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/glyph/statuses/113746755979075431">Glyph (glyph@mastodon.social)'s status on Tuesday, 31-Dec-2024 18:39:36 JST</a><a href="https://mastodon.social/@glyph" title="glyph@mastodon.social"><img src="https://gnusocial.jp/avatar/19724-48-20221108060713.webp" width="48" height="48" alt="Glyph" style="position: absolute; left: 0; top: 0;">Glyph</a><div><a href="https://mastodon.social/@glyph/113746734632677624" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/40873" title="dalias@hachyderm.io">Rich Felker</a></li><li><a href="https://gnusocial.jp/user/105710" title="whitequark@mastodon.social">✧✦✶✷Catherine✷✶✦✧</a></li><li><a href="https://gnusocial.jp/user/150413" title="emma@orbital.horse">Emma Builds 🚀</a></li></ul></div></section><article><p><a href="https://mastodon.social/@whitequark">@whitequark</a> <a href="https://hachyderm.io/@dalias">@dalias</a> <a href="https://orbital.horse/@emma">@emma</a> <a href="https://mastodon.social/@mcc">@mcc</a> </p><p>- there are people who demonstrably cannot maintain continuity of access to a passkey vault; they require password-based access to services they use</p><p>- these people are often in desperate and vulnerable situations</p><p>- higher-security mechanisms like passkeys (and MFA) should *usually* not be mandatory, in part to accommodate such people</p><p>- in certain scenarios, where higher security is required, requiring them is reasonable, which means those people get excluded</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4286579#notice-8379466">In conversation</a><time datetime="2024-12-31T18:39:36+09:00" title="Tuesday, 31-Dec-2024 18:39:36 JST">about a month ago</time> <span>from <span><a href="https://gnusocial.jp/notice/8379466" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/8379466">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Glyph (glyph@mastodon.social)'s status on Tuesday, 31-Dec-2024 18:39:36 JSTGlyph
in reply to
@whitequark @dalias @emma @mcc
- there are people who demonstrably cannot maintain continuity of access to a passkey vault; they require password-based access to services they use
- these people are often in desperate and vulnerable situations
- higher-security mechanisms like passkeys (and MFA) should *usually* not be mandatory, in part to accommodate such people
- in certain scenarios, where higher security is required, requiring them is reasonable, which means those people get excluded
In conversationabout a month ago from gnusocial.jppermalink

Public

Embed Notice

HTML Code

Corresponding Notice