EuroNutellaMan

joined 1 year ago
[–] [email protected] 1 points 1 month ago* (last edited 1 month ago)

Signal, tho I'm not sure it has a web interface, I use their flatpak on Linux, they have apps for other OSes too (and obviously for your phones)

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago) (1 children)

Pro tip: you can turn the link into ddinstagram to embed on services like Discord and other ones with embeds. This way you don't have to visit the site

[–] [email protected] 2 points 2 months ago

not for Visas but we do use it for several public uses.

[–] [email protected] 12 points 2 months ago (2 children)

bruh what? In Italy a lot of towns have a telegram and a whatsapp channel. Everyone uses whatsapp here and it's similar in Ukraine, Ireland, and several other places.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

2FA should always be enabled. Doesn't mean you always have to log out of a website. It's a massively important security feature: it saves your ass if your passwords are leaked/cracked/bypassed and it warns you that someone is trying to access your account. Apps like ProtonPass literally make it extremely trivial to fill it in, just push the button that pops up and it will autofill the 6 digit code (or copy it to your clipboard in the worst case), it's not SMS 2FA, so you're frankly stupid for not using it if you have that option.

You didn't address shit, strong passwords will still be vulnerable to certain attacks even if everyone used them. This isn't a privacy matter either it's a security one and regardless of what your threat model is 2FA should always be part of your security, there's a reason more and more websites and apps are pushing it, cause if you don't force idiots to adopt it they won't even if it's extremely important, same reason as why we need rules to make passwords more complicated. It may be an inconvenience (very tragic for the user I know, how dare they make something that autofills and takes a few seconds of my day away from watching useful shit like brainrot and some dumb comments on my favorite social media platform) but it's an extremely important and necessary measure.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

It's still nowhere near as secure and convenient as using an appropriate tool. You will either have one that is easy to decipher and remember or one that is hard to decipher and remember. And you have to do it every time but at that point you might as well just remember one password/passphrase and use it for your password manager, defeating the whole point.

Also bear in mind convenience is important in security, if a measure is very inconvenient you will eventually just bypass it on your own cause you can't be arsed.

[–] [email protected] 1 points 3 months ago (2 children)

Absolutely not. You should always use 2FA. Most decent password managers even make it easy for you.

While cracking a strong password is nigh impossible rn they are still vulnerable to data breaches and pass-the-hash attacks.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

I mean I used to say the same but then I did after doing more research in mozilla's privacy things. Also Ladybird is coming at some point and frankly can't wait for that

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

I disagree. Password managers are still a target of threat actors, a juicy one at that, but it's not too often you hear of breaches of good password managers. Chances are the people behind the good password managers are better at security than 99% of users (including more technical ones). Even after a breach exporting all the passwords and moving them to another service, and changing all your passwords again with more secure ones is trivially easy.

If everyone used them sure there'd be more pressure on said password managers but hackers will find it a lot more difficult to hack anything in general and it will still not be worthwhile to hack average users who use a password manager.

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago) (4 children)

Unless the website is handled by complete morons it stores credentials in a hashed format. Usually to crack this we'd use rainbow tables or wordlists of known passwords, and essentially we use every word to generate the hash until it matches.

If your password is strong and hasn't been compromised (check regularly on haveibeenpwned) it will likely not be in any wordlists and it also won't be easy to crack. Now, password managers can generate the best passwords because they're completely random and very long by default so to crack them you'd have to try every possible character combination, this takes time, and specifically a time so long that statistically the Andromeda galaxy and Milky Way will merge into one before the password is cracked (at least until quantum computers become a thing, then it's mere minutes).

2FA helps because even if they crack the password they then need the 2FA code, which you can't really guess or brute force and is seen on a third party app you don't control (unless you use sms, they can spoof SIMs to view the sms you receive and therefore defeat 2FA). It also doubles as something that alerts you that someone is trying to access your account.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago)

I mean, using password managers is both more convenient and more secure than 99% of things most users do to handle passwords so idk.

And some like Proton Pass also double as 2FA apps and make that trivially easy too by autofilling everything with a click

[–] [email protected] -3 points 3 months ago* (last edited 3 months ago) (2 children)

No. Anyone near you or with access to your place can see it. And most people know of the tricks.

Also you can't encrypt it and most of all you can't really generate as strong passwords as those generated by password managers, meaning I don't even need the paper to try and crack your password

 
 

Hello everyone,

I set up a file-sharing server on my raspberry pi using samba and tailscale to connect to it from networks that aren't the same as the raspberry pi's.

Recently I added a second user so that they can backup their stuff. On linux everything works fine but on Micro$hit's Windows 10 it doesn't let them connect to the file server. Or rather, at first I tried with an unrelated person who only accessed the public folder as a "guest" (rather: no user) from windows and it worked. Then we tried with this person and it let her access the server at first but wouldn't let her log in with her credentials. Turns out I forgot to add the user to samba, so I do that, reboot the server, and then it just doesn't let her connect to the server in the first place, giving an 0x80004005 unspecified error.

I should also point out that she's accessing the machine as an external tailscale user with the device being shared to her.

What could be the cause of this and how can we go about solving it? I'd love to just tell her to just install linux and be on with our day but that simply isn't much of an option.

Sorry if the information isn't too precise, I'm still a bit of a noob.

EDIT: It works through the local network after disabling the firewall but connecting through tailscale doesn't work.

 

Hello everyone,

I am very new to self-hosting. I just set up a file sharing server with raspberry pi and samba. Now I'm sure this is asked quite a bit but searching for it I couldn't find the answers I'm looking for most of the time or the answers are confusing.

I need to be able to access the raspberry pi from different networks than the ones it is connected to. Specifically in 2 ways:

  1. I need to access it via ssh to manage it remotely. I know you can do this by port-forwarding port 22 but that doesn't seem safe looking at a recent post here. I heard about tailscale but I'm not sure how it works too well rn and while I am willing to learn I want to ask what other options are out there and which ones do you guys prefer usually.

  2. I need to be able to access the files in the server while following the samba configurations I set up. For me it is fine to use the file explorer normally used with samba, especially if that works with tailscale or whatever solution for point 1, but I plan to share some directories with some close friends who are not tech savvy at all and I know the idea of typing an IP address in the file manager every time may scare them already, let alone having to install something like tailscale or anything. So I wanted to try and make something easier to access, like a self-hosted website or a web ui (I tried the one recommended in this guide, and therefore the relevant instructions in this github page, but it wouldn't install for a bunch of problems that make no sense). Doesn't need to be anything fancy, just an address to type in the browser and it will show the files (according to the samba configs so directories not public require a log-in), download them and upload some. The main point is that it needs to be very easy for the end-user who wants to download/upload files from anywhere, ease to set up is ok but not necessary. Do you guys know any good resources for stuff like this or program I can use without having to make a website from scratch (I will do it if necessary but I'd rather avoid that)?

Thanks and sorry for the very noobish questions.
