Passwords

So far i've tried 3, last one was 1pass, i'd give it an 8, before that was nordpass, straight 6, Bitwarden is... fine, but it definitely doesn't live up to the hype.

I'm gonna try as many as i can before i settle but which one should i try next? I prefer accesability, good integration across all devices and a few deeper features for power users are always a plus.

cross-posted from: https://slrpnk.net/post/21033639

The background is here. In short, an SSD with the “Apacer” brand froze itself into read-only mode, presumably due to reaching a point of poor reliability.

The data on the drive is useless. It was part way through installing linux when it happened. I would like to reverse that switch to make one last write operation (to write a live linux distro), which thereafter can be read-only.

I have heard some speculation that the manufacturer uses password to impose read-only mode. If true, then the password would be in the drive’s firmware. Does anyone know what Apacer uses for this password?

From the article:

“In terms of cost, we estimate that – during over 13 years of its deployment – 819 million hours of human time has been spent on reCAPTCHA, which corresponds to at least $6.1 billion USD in wages. Traffic resulting from reCAPTCHA consumed 134 Petabytes of bandwidth, which translates into about 7.5 million kWhs of energy, corresponding to 7.5 million pounds of CO₂. In addition, Google has potentially profited $888 billion USD from cookies and $8.75-32.3 billion USD per each sale of their total labeled data set.”

This means when a CAPTCHA serves as a barrier between people and an essential public transaction, people are being forced into involuntary uncompensated servitude. I believe this is a human rights issue.

Since this community discusses CAPTCHA (see sidebar), I thought I should plug a community I just started. !captcha_required@lemmy.sdf.org is not about CAPTCHA in general, but it has the sole purpose of collecting situations where people are forced to solve a CAPTCHA in the public sector.

cross-posted from: https://infosec.pub/post/10262373

Question for people willing to visit Cloudflare sites:

How do you determine whether to trust a login page on a CF site? A sloppy or naïve admin would simply take the basic steps to putting their site on Cloudflare, in which case the authentication traffic traverses CF. Diligent admins setup a separate non-CF host for authentication.

Doing a view-source on the login page and inspecting the code seems like a lot of effort. The source for the lemmy.world login page is not humanly readable. It looks as if they obfuscated the URLs to make them less readable. Is there a reasonably convenient way to check where the creds go? Do you supply bogus login info and then check the httpput headers?

eff.org/what-is-a-passkey

via @eff

I think passwords are great what do you think?