pull down to refresh

There are many, but if you ask about recent bit, it's PASSKEYS I don't know why, it seems innocent but NO
What are they?
reply
Passwordless login infrastructure being pushed currently by Google, Meta, Github etc. AFAIK, It uses our device's authentication capabilities, to login with services. Keyring is already stored in our devices, so it utilizes that. Although, I found no real downside/ data-breach etc, but still a big NO from my side.
Any given day, I would prefer authenticator apps though.
reply
reply
ah i am skeptical about that too since it would be single point of failure. I like to keep my identities separate generally
reply
21 sats \ 1 reply \ @ek 17 Oct 2023
So you would prefer 2FA for login with lightning or nostr?
reply
That is one of the way to secure our accounts. Just installing Alby and seamlessly switching b/w apps is great but only until it's not breached and used for low risk application like SN. Once, nostr reaches to a point like emails (used to verify your identity), I feel still keeping separate passwords is the way to go. 2FA TOTP is an interesting option as a secondary layer too. I might be totally wrong.
I would totally want 2FA if I had stacked sats like k00b or DarthCoin or yourself :P
reply
You can easy and cheaply create as much Nostr identities as you want.
reply
Lightning login isn't identifiable across sites.
Just don't lose your wallet keys (wouldn't ever use it with a custodial wallet - this is why the mobile lightning nodes like Blixt, Breez, Phoenix are so cool).
Not your keys, not your identity.
reply