Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Strypey (strypey@mastodon.nzoss.nz)'s status on Friday, 04-Jan-2019 11:51:25 EST Strypey Strypey

    There's some good advice in here about what *not* to do with passphrase policies for online services, and why, with some potentially helpful references. But ultimately I disagree with a lot of Troy's conclusions, because they're biased by what kind of US makes sense to him, a power user with a high level of security knowledge, not a #JoUser. My favourite approach is what #Medium does; they send a login link to your registered email address instead of storing a password.
    https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/

    In conversation Friday, 04-Jan-2019 11:51:25 EST from mastodon.nzoss.nz permalink

    Attachments

    1. Invalid filename.
      Passwords Evolved: Authentication Guidance for the Modern Era
      from Troy Hunt
      In the beginning, things were simple: you had two strings (a username and a password) and if someone knew both of them, they could log in. Easy. But the ecosystem in which they were used was simple too, for example in MIT's Time-Sharing Computer, considered to be the first computer
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.