jerry

joined 1 year ago
 

Here is the best explanation of #passkeys I've seen and why they are most secure and, yes, why you should absolutely use them.

As always, it's the inconsistent implementation that makes everything too complicated, and this is true for passkeys. The industry quickly made a terrible mess and got in their own way of getting them adopted. Seems no two companies implement and use them the same way, have the same rules, the same instructions or could even explain them well. A confused market never buys.

Depending on the implementation, they can be used along with password login, a choice between it and password login, or the only choice for logging in.

Microsoft requires new Windows accounts to be passwordless (use passkeys). They aren't messing around. They jumped to the end of the story. Thanks to Microsoft, it's game over. You can kick and scream while being dragged there, but the world is going passkeys, and you're part of the world.

Passkeys eliminate security vulnerabilities often used by scammers while creating a greater risk that you will be locked out. The thing to remember is that nowadays, the chances of being hacked are much greater than the chances of you locking yourself out. And being hacked is much worse for you than getting locked out for a while.

#CyberSecurity

troyhunt.com/passkeys-for-norm…

 

Scammers set up domains with instructions to ignore email security failures on their emails via a DMARC record and Google et al. deliver their obviously dangerous spam to you. I thought, "how stupid" to create a security system so easily disabled.

But, I realize it was NEVER designed to protect YOU from spam. It has ONE purpose. Protect corporations from being spoofed. Period. They set their DMARC to reject or quarantine emails from their domains that fail security. It works perfectly for this and ONLY this. They are protected. You, not so much, but you are not their concern.

It could have been easily expanded to kill spam by not allowing the checks to be ignored, but why should they? They are protected. Common attitude today by too many people.

Am I wrong?
#CyberSecurity #EmailSecurity

 

Time to mention again that if you own a domain and you don't use it for email, hackers will eventually try to use it to send spam. Google (just one email provider) told me there were 44 attempts in the past week they blocked because I put blocks in place. Do you own a domain not used for email? Have you protected it?

medium.com/nerd-for-tech/prote…

#cybersecurity
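
An added example, not from the posts above or the linked article: a Python check of whether a domain that sends no mail publishes records telling receivers to refuse mail claiming to come from it, which also shows the DMARC `p=none` versus `p=reject` difference discussed in the earlier post. It assumes the "blocks" are an SPF record of `v=spf1 -all` and a DMARC policy of `p=reject`; the function names are illustrative and every domain and record is constructed sample data.

```python
# Added example. Domains and records are constructed sample data.

def parse_tags(record):
    """Split 'k=v; k=v' TXT data into a dict with lowercased tag names."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_policy(txt_at_dmarc):
    """Return the p= policy published at _dmarc.<domain>, else 'missing'/'invalid'."""
    records = [r for r in txt_at_dmarc if parse_tags(r).get("v") == "DMARC1"]
    if len(records) != 1:  # none or several records: receivers apply no DMARC policy
        return "missing"
    policy = parse_tags(records[0]).get("p", "").lower()
    return policy if policy in ("none", "quarantine", "reject") else "invalid"

def spf_denies_all(txt_at_domain):
    """True only if the single SPF record authorises no sender at all."""
    spf = [r.lower().split() for r in txt_at_domain if r.lower().startswith("v=spf1")]
    return len(spf) == 1 and spf[0] == ["v=spf1", "-all"]

def audit_parked_domain(txt_at_domain, txt_at_dmarc):
    """List what is missing for a domain that should never send mail."""
    findings = []
    if not spf_denies_all(txt_at_domain):
        findings.append("SPF does not fail every sender (want 'v=spf1 -all')")
    policy = dmarc_policy(txt_at_dmarc)
    if policy != "reject":
        findings.append(f"DMARC policy is '{policy}' (want 'reject')")
    return findings

# (TXT at the domain, TXT at _dmarc.<domain>) for three constructed domains
SAMPLES = {
    "locked.example": (["v=spf1 -all"], ["v=DMARC1; p=reject"]),
    "monitor-only.example": (["v=spf1 include:_spf.mail.example ~all"],
                             ["v=DMARC1; p=none; rua=mailto:dmarc@monitor-only.example"]),
    "bare.example": (["google-site-verification=constructed"], []),
}

if __name__ == "__main__":
    for domain, (txt, dmarc) in SAMPLES.items():
        print(domain, audit_parked_domain(txt, dmarc) or "no findings")
```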

[–] jerry@my-place.social 2 points 1 year ago

@rimu This is so disturbing and wrong