I mean, manual approval technically does work. I kinda wanted something that would scale.
While I’m really glad to hear about it, I think it would work great for DDOS detection, I don’t know that it works for preventing spam accounts. I’m pretty sure puppeteer with GPT4 could check that box no problem.
PoW sure, but like what’s the tool name. Rolling my own PoW sounds not-smart. I’ve messed with metamask a bit but last I check isn’t real practical for mobile.
[TOTP] Simple to setup / create, doesn’t depend on 3rd party …
Actually I’m worried its a bit TOO easy to create. I don’t need a bulletproof/airtight system but what’s stopping highschooler from installing bluestacks, downloading the AUTH app, and then handling 10,000 TOTP requests for different bot accounts.
The “front page” of most instances are not interesting to average people or to professionals (e.g. local gov that wants to go open source, like those switching to Mastodon).
Part is lemmy’s hot-sort is basically broken as a ranking, another part is bad language filters, another part is that major communities here (fediverse, Linux memes, star trek memes, science memes, etc) are off-putting to out-of-group people because of so many in-group jokes. Its a hard fix.
For standard notes, its got an auto-export plaintext file option on desktop. Were you wanting two-way editing of plaintext? (e.g. Auto export and import)
If you make one I will join.
Of course I won’t have anything to post because I don’t own a paramotor but eventually I will!
It avoids the need for cloud storage.
If I’m out somewhere, with no device on me, I can still generate my passwords
The abbreviation method LessPass uses works pretty well. Its usually only a problem with a re-branding, like how wefwef changed to voyager. When that happens it’s not too big of a deal, I just change it to the new thing.
What is a big problem with the URL though is login portals. Like when it’s some conglomerated system that involves a million redirects, and/or a “login with XYZ”. They can get some really weird URLs that have nothing to do with the actual site and those are a real pain.
#3 isn’t true. There’s a username field, so you just put in the username of the alt accounts.
Your point about the master password and two factor is a good one though.
In practice password restrictions are rare (like 1% of sites), but they are problematic when they happen because there’s so many different ways to restrict passwords and trying all combinations is impractical. Needing the counter is exceedingly rare. Remembering the username isn’t a problem, but if you don’t have a consistent policy of always-using-a-username or always-using-the-email (as the lesspass username) it can be difficult to remember that. Similar situation with the URL, if it’s not abbreviated consistently, then it’s a problem.
That said, I still use LessPass for everything and just deal with the edgecase problems.
Despite what others are saying, I’ve been using it for a couple years and it can work great if you’re okay with the trade-offs.
Of the three (Integrity, Confidentiality, Availability) it has better availability than cloud storage which is what I care about. Even when the LessPass site is down, there’s an IPFS version, mirrors, local cache, etc so it’s basically always possible to derive any password.
At a user level, it’s very impractical (and a slight risk) to always retype the master password at every single login screen. However, letting the local autofill save the password doesn’t defeat the point of LessPass. Why? because, if you only use local storage, and you’re traveling and your phone breaks, you’re now locked out of every account. With LessPass, you’re fine as soon as you get an internet connection.
There are a few caveats.
Can someone (e.g. @OP) please TLDR this
I’ve read it like three times and still don’t understand what’s going on. I don’t see any of the attacks (links require login), and I’m not sure why quitting reddit and using Lemmy instead isn’t a valid soltuion.
I don’t see anywhere in his comment(s) where he says something postive about privacy guides.