do people here use passkey to log-in?

  • 🐕 I am attempting to get the site runnning as fast as possible. If you are experiencing slow page load times, please report it.
the grey cat

the grey cat

between black and white
kiwifarms.net
Joined
Mar 5, 2024
1747236214806.webp
this wasn't here before and was added early this year. does it actually work or is it just there for decoration?
 
No. No, man. Shit no, man. I believe you'd get your ass kicked logging in like that, man.

Like any good semi-autist, I have one base password, to which I attach a few different number/symbol endings, depending on the importance of the login. So I don't remember my exact KF pass but know it's one of a couple tard-tier options. Then for bank stuff, I know it's one of a few more secure ones.

I'm basically a human password manager that takes a couple tries.
 
  • Feels
  • Like
Reactions: Super Malario, Beef Void, Beardless Lenin and 8 others
JohnnyG said:
No. No, man. Shit no, man. I believe you'd get your ass kicked logging in like that, man.

Like any good semi-autist, I have one base password, to which I attach a few different number/symbol endings, depending on the importance of the login. So I don't remember my exact KF pass but know it's one of a couple tard-tier options. Then for bank stuff, I know it's one of a few more secure ones.

I'm basically a human password manager that takes a couple tries.
Click to expand...
I do pretty much the same but I recommend using a different base password for different emails/usernames to avoid potentially tying identities together.
 
  • Like
Reactions: JohnnyG and Toji Suzuhara
Proton Pass. Went there when I signed up because they were the recommended email provider. Found that they had the least horrible password manager. (I've tried LastPass, Bitwarden and KeePassXC. Prefer Proton Pass to all of them.)
 
Danger: passkeys have very good security characteristics but they are keyed on the domain so if the domain changes again you would be fucked if you didn't have a recovery code. For me, user, pass + totp is good enough. Passkeys are for your high value things such as your email account or password manager.

If you do want to use passkeys, consider using one of the newer Yubikeys that supports them as opposed to your spyware cloud accounts like iCloud/Microsoft, or Tim Cook will know where you shitpost.
 
  • Like
Reactions: Lovely Kin
Swole McPole said:
Proton Pass. Went there when I signed up because they were the recommended email provider. Found that they had the least horrible password manager. (I've tried LastPass, Bitwarden and KeePassXC. Prefer Proton Pass to all of them.)
Click to expand...
I've been using KeePass XC and it works well as you would expect for an FOSS program, how's Proton Pass compared to KeePass XC?
 
I just have a big txt file with all my variants of Pa$$w0rd98765
 
  • Like
Reactions: Pedophobe
I use yubikeys, might start using one here. I will report back after I register one of them on here.
 
Well it does not seem to work for now. I have tried 2 different browsers and made sure that i can use my Yubikey on my mail on one of them. I get to the point where it asks me to use the button on the key after which it should finish the registration. Then I get an error message.2025-05-19 19_35_24-Window - Copy.webp2025-05-19 19_35_41-Window - Copy.webp
 
Since Snowden and all that was: I mistrust this

XYZpdq Jr. said:
I just have a big txt file with all my variants of Pa$$w0rd98765
Click to expand...
Now use editor which can crypt AES and never save plaintext = perfect. Good security isn't about sophisticated, rather smart.

Nagato Kai Ni Surigao said:
The number of people in this thread that openly admit to not having 99 character randomly generated passwords is concerning
Click to expand...
Industry/Countries are also at fault for not establishing (for example) hashing standard requirements - because it would undermine..? you guess ;)
 
I only access the farms if I’m behind 7 proxies and I’ve injected JavaScript into the DNS query table to make sure no onion IP addresses are listening into my custom VB.NET server. I like to keep SharkTank running in the background just in case. I hope you guys aren’t seriously still using passwords.
 
Anyone foolish enough to use this deserves the pink join date of shame when they invariably get locked out and have to create a new account.
 
  • Like
Reactions: Pedophobe
I tried it for luls with a throwaway key and it is still broken. Which does make me think why bother advertising this feature. I'd rather have PGP signing on site via keys enabled.
 
You must log in or register to reply here.
Back