Jonatan<p>With USB/IP, I can now use my YubiKey remotely via SSH in the same way as I was sitting in front of my machine. Both in early boot stage (initrd); unlocking LUKS encrypted filesystem, and in booted system stage; signing git commits and authenticate to GitHub. Great! But what about using FIDO2/WebAuthn via RDP to log in to web services? USB redirection is not supported for xrdp. Is there any workarounds coming up to for example redirect WebAuthn from one machine to another?</p><p><a href="https://defcon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a> <a href="https://defcon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://defcon.social/tags/usbip" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>usbip</span></a> <a href="https://defcon.social/tags/rdp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rdp</span></a> <a href="https://defcon.social/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a> <a href="https://defcon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
255active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#fido2
1 post · 1 participant · 0 posts today
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p><a href="https://mastodon.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> are for people who only use one device to access the Internet, or multiple devices that are all made by AAPL/GOOG.</p><p>If you use Firefox on Ubuntu, Edge on Windows, Safari on Mac OS, and Chrome on ChromeOS you will have a bad time.</p><p><a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://mastodon.social/tags/auth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>auth</span></a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>Explain <a href="https://mastodon.social/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a> to me like I'm your grandparents.</p><p><a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2fa</span></a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido</span></a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://mastodon.social/tags/otp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>otp</span></a> <a href="https://mastodon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yubikey</span></a> <a href="https://mastodon.social/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>password</span></a> <a href="https://mastodon.social/tags/auth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>auth</span></a></p>
Matt Cengia<p>I'd love if there was a website like <a href="https://www.passkeys.io/who-supports-passkeys" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">passkeys.io/who-supports-passk</span><span class="invisible">eys</span></a> which showed which websites also support *non-resident* <a href="https://aus.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> authentication as opposed to resident <a href="https://aus.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a>. Let's reward sites that have that support!</p>
Karl Voit :emacs: :orgmode:<p><a href="https://graz.social/tags/TroyHunt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TroyHunt</span></a> fell for a <a href="https://graz.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> attack on his mailinglist members: <a href="https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">troyhunt.com/a-sneaky-phish-ju</span><span class="invisible">st-grabbed-my-mailchimp-mailing-list/</span></a></p><p>Some of the ingredients: <a href="https://graz.social/tags/Outlook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Outlook</span></a> and its habit of hiding important information from the user and missing <a href="https://graz.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> which is phishing-resistant.</p><p>Use <a href="https://graz.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> with hardware tokens if possible (<a href="https://graz.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> without FIDO2 HW tokens are NOT phishing-resistant due to the possibility of being able to trick users with credential transfers: <a href="https://arxiv.org/abs/2501.07380" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/abs/2501.07380</span><span class="invisible"></span></a>) and avoid Outlook (or <a href="https://graz.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a>) whenever possible.</p><p>Further learning: it could happen to the best of us! Don't be ashamed, try to minimize risks and be open about your mistakes.</p><p>Note: any 2FA is better than no 2FA at all.</p><p><a href="https://graz.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>email</span></a> <a href="https://graz.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://graz.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://graz.social/tags/OTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTP</span></a> <a href="https://graz.social/tags/TOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TOTP</span></a> <a href="https://graz.social/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://graz.social/tags/haveibeenpwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haveibeenpwned</span></a> <a href="https://graz.social/tags/Ihavebeenpwned" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ihavebeenpwned</span></a></p>
David Nelson<p>People who use hardware security keys: Storing them in geographically diverse locations is a wise move but makes it impossible to quickly onboard. How do you keep track of where you’ve registered each key? A checklist in a spreadsheet is obvious but cumbersome. Is there a better way? (Yes I use passkeys extensively but for certain services like email, iCloud, and my password manager, a hardware option is desirable if not mandatory.) <a href="https://mastodon.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiKey</span></a> <a href="https://mastodon.social/tags/YubiKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiKeys</span></a> <a href="https://mastodon.social/tags/FIDO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO</span></a> <a href="https://mastodon.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> <a href="https://mastodon.social/tags/FIDOKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDOKey</span></a> <a href="https://mastodon.social/tags/FIDOKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDOKeys</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fearness.org/@gameplayer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gameplayer</span></a></span> Just stick with a real <a href="https://infosec.space/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> unit like a <span class="h-card" translate="no"><a href="https://social.nitrokey.com/@nitrokey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nitrokey</span></a></span> / <a href="https://infosec.space/tags/Nitrokey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nitrokey</span></a>, which unlike <span class="h-card" translate="no"><a href="https://infosec.exchange/@yubico" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>yubico</span></a></span> <a href="https://infosec.space/tags/Yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Yubikey</span></a> is 100% <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a>'d...</p>
Sieva 🚴🚇🏙️🌹<p>Why do some services use passkeys as a 2nd factor, and not the *only* factor?</p><p>Makes no sense.</p><p><a href="https://social.coop/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkey</span></a> <a href="https://social.coop/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebAuthn</span></a> <a href="https://social.coop/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> <a href="https://social.coop/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.coop/tags/credenntials" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>credenntials</span></a> <a href="https://social.coop/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a></p>
Royce Williams<p>TIL Proton dropped their maximum supported security keys (some time after mid-August 2024) from 8 to 4 keys?! (Notice the tiny "8 out of 4" label, because I had registered the maximum 8 keys)</p><p>I suspect my current config will be stable until I need to explicitly delete a key, in which case I won't be able to add a replacement unless I delete <em>five</em> keys. 😡</p><p><a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://infosec.exchange/tags/SecurityKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityKeys</span></a> <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> <a href="https://infosec.exchange/tags/Proton" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proton</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>Hot take: <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> one-time passwords (OTP) are better than <a href="https://mastodon.social/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a>; especially when you store the codes on a <a href="https://mastodon.social/tags/Yubikey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Yubikey</span></a>. </p><p><a href="https://mastodon.social/tags/auth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>auth</span></a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a></p>
Brandon<p>I’ve been on Fedi for a year now and have fallen in love with the platform, so here’s my introduction! I studied computer science with a focus on RTOS and FP/PL, but I’m about to start my final semester of law school. I’ll be practicing at a boutique firm that primarily handles IP cases once I’m barred. I foilboard and I play way too many rhythm games in and out of the arcade. </p><p>I contribute to open source projects where I can, and I write up my experience in <a href="https://be-far.com" rel="nofollow noopener noreferrer" target="_blank">my digital garden</a> which I’ve been maintaining for over a year now. It’s also a good place to find usage tips for projects/tools that you might want to use. </p><ul><li><a href="https://be-far.com/Updates.xml" rel="nofollow noopener noreferrer" target="_blank">RSS feed</a></li></ul><p>My passion for tech also includes privacy, and I’m an advocate for minimizing your digital footprint. GenAI is a scam and its purveyors are causing real harm while they sell it as hard as they can. </p><p>Follow me for: <a href="https://social.treehouse.systems/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://social.treehouse.systems/tags/digitalgardening" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>digitalgardening</span></a> <a href="https://social.treehouse.systems/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://social.treehouse.systems/tags/lawfedi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lawfedi</span></a> <a href="https://social.treehouse.systems/tags/section230" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>section230</span></a> <a href="https://social.treehouse.systems/tags/copyright" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>copyright</span></a> <a href="https://social.treehouse.systems/tags/patents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>patents</span></a> <a href="https://social.treehouse.systems/tags/rustlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rustlang</span></a> <a href="https://social.treehouse.systems/tags/gleam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gleam</span></a> <a href="https://social.treehouse.systems/tags/haskell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haskell</span></a> <a href="https://social.treehouse.systems/tags/RSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RSS</span></a> <a href="https://social.treehouse.systems/tags/neovim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>neovim</span></a> <a href="https://social.treehouse.systems/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixOS</span></a> <a href="https://social.treehouse.systems/tags/zotero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>zotero</span></a> <a href="https://social.treehouse.systems/tags/tmux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tmux</span></a> <a href="https://social.treehouse.systems/tags/alacritty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>alacritty</span></a> <a href="https://social.treehouse.systems/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://social.treehouse.systems/tags/egpu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>egpu</span></a> <a href="https://social.treehouse.systems/tags/qemu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>qemu</span></a> <a href="https://social.treehouse.systems/tags/arch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>arch</span></a> <a href="https://social.treehouse.systems/tags/archlinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>archlinux</span></a> <a href="https://social.treehouse.systems/tags/GNOME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GNOME</span></a> <a href="https://social.treehouse.systems/tags/watches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>watches</span></a> <a href="https://social.treehouse.systems/tags/watchmaking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>watchmaking</span></a> <a href="https://social.treehouse.systems/tags/obsidian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>obsidian</span></a> <a href="https://social.treehouse.systems/tags/obsidianmd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>obsidianmd</span></a> <a href="https://social.treehouse.systems/tags/thunderbird" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thunderbird</span></a> <a href="https://social.treehouse.systems/tags/fpv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fpv</span></a> <a href="https://social.treehouse.systems/tags/mechkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mechkeys</span></a> <a href="https://social.treehouse.systems/tags/mechkeeb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mechkeeb</span></a> <a href="https://social.treehouse.systems/tags/mechanicalkeyboard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mechanicalkeyboard</span></a> <a href="https://social.treehouse.systems/tags/matrix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>matrix</span></a> <a href="https://social.treehouse.systems/tags/signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>signal</span></a> <a href="https://social.treehouse.systems/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://social.treehouse.systems/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a> <a href="https://social.treehouse.systems/tags/dancerushstardom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dancerushstardom</span></a></p>
Royce Williams<p>It's been 12 days since I (and a few others) noticed ... and we're still unable to rename security keys within a Google Account.</p><p><a href="https://www.reddit.com/r/GoogleSupport/comments/1gahuqa/cannot_rename_fido2_security_key/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reddit.com/r/GoogleSupport/com</span><span class="invisible">ments/1gahuqa/cannot_rename_fido2_security_key/</span></a></p><p>Renaming keys is essential, to keep them identified and disambiguated.</p><p><a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Google</span></a> <a href="https://infosec.exchange/tags/SecurityKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityKeys</span></a> <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a></p>
Proton<p>You asked, we delivered! All Proton mobile apps now support <a href="https://mastodon.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> for <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a>. 🎉 </p><p>Use security keys like YubiKey for an extra layer of protection. Here’s how: <a href="https://proton.me/support/2fa-security-key" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">proton.me/support/2fa-security</span><span class="invisible">-key</span></a></p>
Royce Williams<p>Quick report on Porkbun FIDO / security key / passkey options:</p><ul><li>✅ Supports more than five keys</li><li>✅ Supports passwordless passkeys as a separate toggle-able option, but you can also add a phone using the hardware key config area</li><li>✅ You can opt into using <em>only</em> keys for MFA</li><li>🤷♂️ You can set name of each key, but names cannot be edited (only way to rename is to delete a key)</li><li>❌ Rich <em>web-side</em> report of auth/success failure generally, but no <em>key-specific</em> logging (you can't tell when each specific key was last used, IP / location / OS, etc.).</li><li>🤷♂️ You can opt into <em>email</em> notifications of successful / failed auth, which list the IP, but only say "WebAuthn Security Key" (not the specific key name)</li><li>❌ Does not prompt for a PIN when set on the key itself (WebAuthn)</li></ul><p><a href="https://infosec.exchange/tags/Porkbun" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Porkbun</span></a> <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://infosec.exchange/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> <a href="https://infosec.exchange/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passkeys</span></a></p>
James Bartlett :terminal:<p><span class="h-card" translate="no"><a href="https://lemmy.world/u/breadsmasher" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>breadsmasher</span></a></span> <br>Great question! "Need" probably isn't the right word. "Strongly desire" or "greatly prefer" would more accurate.</p><p>The reason is that I have lots of different devices with different port types. Some of my newer devices only have USB-C ports, while my older devices only have USB-A ports, and I'd really like to have just "one key to rule them all," so to speak.</p><p>I know that I could buy a little USB-A/C adapter dongle and keep that on the same keychain with the MFA key, but that introduces a degree of fragility that I'd prefer to avoid if possible. </p><p>That being said, if I found a hardware MFA key with all of the features I listed except for USB-C, then I'd happily accept the dongle compromise, because most of my devices (even the old ones) support Bluetooth, so I'd still have that as a backup option in case the dongle fails.</p><p><a href="https://techhub.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://techhub.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://techhub.social/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido</span></a> <a href="https://techhub.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://techhub.social/tags/fido3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido3</span></a> <a href="https://techhub.social/tags/NFC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NFC</span></a> <a href="https://techhub.social/tags/USB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USB</span></a> <a href="https://techhub.social/tags/USBc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USBc</span></a> <a href="https://techhub.social/tags/USBa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USBa</span></a> <a href="https://techhub.social/tags/dongle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dongle</span></a> <a href="https://techhub.social/tags/Biometric" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Biometric</span></a> <a href="https://techhub.social/tags/Fingerprint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fingerprint</span></a> <a href="https://techhub.social/tags/YubiCo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiCo</span></a> <a href="https://techhub.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiKey</span></a> <a href="https://techhub.social/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bluetooth</span></a> <a href="https://techhub.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://techhub.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p>
James Bartlett :terminal:<p>My current hardware MFA key is no longer receiving security patches, so I'm in the market for a new one.</p><p>Here's a list of features I'd like my new hardware MFA key to have, in order of priority:<br>1. USB-A<br>2. NFC<br>3. USB-C<br>4. Biometric<br>5. Bluetooth</p><p>My current MFA key has features 1-3 and 5. Is there a Holy Grail MFA key somewhere out there with all 5 features?</p><p>I'm already pretty familiar with YubiCo's product lineup, and while I love their security rating and build quality, none of them have more than 2 of the features listed above, so that kinda bums me out.</p><p>Anyway, let's hear your hardware MFA key recommendations!</p><p><a href="https://techhub.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://techhub.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://techhub.social/tags/fido" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido</span></a> <a href="https://techhub.social/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://techhub.social/tags/fido3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido3</span></a> <a href="https://techhub.social/tags/NFC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NFC</span></a> <a href="https://techhub.social/tags/USB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USB</span></a> <a href="https://techhub.social/tags/USBc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USBc</span></a> <a href="https://techhub.social/tags/USBa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USBa</span></a> <a href="https://techhub.social/tags/Biometric" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Biometric</span></a> <a href="https://techhub.social/tags/Fingerprint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fingerprint</span></a> <a href="https://techhub.social/tags/YubiCo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiCo</span></a> <a href="https://techhub.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YubiKey</span></a> <a href="https://techhub.social/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bluetooth</span></a> <a href="https://techhub.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://techhub.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p>
openSUSE Linux<p>Want to secure your system with Full Disk <a href="https://fosstodon.org/tags/Encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Encryption</span></a>? Check out the <a href="https://fosstodon.org/tags/quickstart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>quickstart</span></a> guide for FDE with <a href="https://fosstodon.org/tags/TPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TPM</span></a> or <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> using YaST2 on Tumbleweed! 🔒 <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openSUSE</span></a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://fosstodon.org/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://news.opensuse.org/2024/09/20/quickstart-fde-yast2/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2024/09/20/q</span><span class="invisible">uickstart-fde-yast2/</span></a></p>
🝬𝐢𝐭𝐚𝐥𝐢𝐞☤☿🝬𝐮ț𝐚𝐧<p>Nitrokey 3A Mini from <span class="h-card" translate="no"><a href="https://social.nitrokey.com/@nitrokey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nitrokey</span></a></span> Receives Official FIDO2 Certification<br>_<br><a href="https://www.nitrokey.com/news/2024/nitrokey-3a-mini-receives-official-fido2-certification" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nitrokey.com/news/2024/nitroke</span><span class="invisible">y-3a-mini-receives-official-fido2-certification</span></a><br>_<br><a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/nitrokey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nitrokey</span></a> <a href="https://infosec.exchange/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://infosec.exchange/tags/realmmablock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>realmmablock</span></a></p>
Proton<p>Did you know? 🤔</p><p>You can securely log into @Proton_Pass on Android and iOS using <a href="https://mastodon.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIDO2</span></a> for two-factor authentication (<a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a>).</p><p>Here's how: <a href="https://proton.me/support/set-up-fido2-on-mobile" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">proton.me/support/set-up-fido2</span><span class="invisible">-on-mobile</span></a></p>
xyhhx 🔻 (plz hire me)<p>am i missing something or does firefox not support fido 2 / passkeys?</p><p>i set up an onlykey passkey with a pin on chrome, but on firefox i get "JsNotAllowed" exception</p><p>there's an okta support article that suggests enabling `security.webauth.enable_softtoken` or something but that has no effect</p><p><a href="https://nso.group/tags/firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firefox</span></a> <a href="https://nso.group/tags/fido2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fido2</span></a> <a href="https://nso.group/tags/webauthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webauthn</span></a> <a href="https://nso.group/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload