this post was submitted on 23 Jul 2023
4 points (100.0% liked)

The Andromedus Galacticus Collection

599 readers
1 users here now

This is a personal collection of things I find around the internet.

Alright, so somehow you found this place. Here's what to expect:

Due to the nature of this place, you may find a bunch of stuff that you don't care about, but you may also find a new passion.

So, the gist is, this is a place where I'll share random things, and you'll discover the internet with me.

Oh yeah, I didn't advertise this place anywhere, so hey, how did you even get here?

Check out the sister sub where you discover music with me! [email protected]

founded 1 year ago
MODERATORS
 

TLDR:

Here is generated summary of the article:

  • The author argues that passwords are not a secure way to authenticate users, and that websites should instead issue randomly generated passwords to users.
  • The author points out that websites already do this for API keys, which are used to secure high-stakes applications.
  • The author argues that this model of password issuance would be more secure than the current system, and would also simplify the login process for users.
  • The author also discusses the limitations of TOTP-based two-factor authentication, and argues that it is not as secure as it is often made out to be.

Here are some of the key points from the article:

  • Passwords are often weak and easy to guess.
  • Users are often not good at choosing secure passwords.
  • Websites often do not implement password best practices.
  • TOTP-based two-factor authentication is not as secure as it is often made out to be.
  • A more secure system would be to issue randomly generated passwords to users.
you are viewing a single comment's thread
view the rest of the comments
[–] ShunkW 6 points 1 year ago (1 children)

You have to balance security with usability. Most users aren't gonna understand the flow of getting a randomly generated password, and they're just gonna write it down if they do. This is a delicate balance that all cybersec people know.

[–] [email protected] 3 points 1 year ago (1 children)

I’m aware of the balancing act. I just thought it was an interesting opinion piece that I myself don’t quite share. My words [will always be bracketed] to tell the difference. Thanks for offering a counter argument to this article!

[–] ShunkW -1 points 1 year ago (1 children)

I mean I was just offering my response. But I'll be sure to remember this one random guy will put his words in [brackets]

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

I was responding based on the community you’re in. I’m now assuming you are seeing this from either local feed, or subscribed. If that’s the case, then I understand the confusion.

I wasn’t intending to give off hostility in my words. If that’s what you interpreted, my bad for phrasing it poorly.