Ah, I should have double checked the community.... Got here from /all.
No, it's not explicitly privacy friendly. It's mainly focused on a wide variety of optional UX changes, returning several paywalled features like PIP/Background playback, and removing advertising as well as providing sponsor block.
If you're looking for an ad-free client that still works right now; In the 6 years I've been using YouTube (re)vanced on android, I've only had it fail to play videos for 1 single day around 6 months ago. That was fixed within 24hrs.
Not quite the same as a full custom instance/frontend like piped; but it'll do the job while you wait for updates.
Hello, Tech Support? Yeah, I can't remember my password... I know, this is the 13th time this week... I'll try real hard to remember this time I promise.
They are more secure than password authentication, though how much more secure depends on how the user manages their passwords.
If a user never reuses passwords across different services and maintains long complex passwords, preferably randomized strings; the security upgrade of Passkeys is quite marginal. Arguably marginal enough to not even bother. The farther a user gets from 'ideal' password security practices though, the more of a security upgrade Passkeys would be for them; though convincing them of that is another story...
Switching to Passkeys does take a lot of responsibility off of both the user and service provider. The user no longer needs to ensure passwords aren't reused, insufficiently complex, or already compromised; and the service provider doesn't need to worry about leaking your passkey as they only have the public key portion which can't be used to login as you.
In some ways they can be more inconvenient though. With a password, even long unique complex passwords stored in my password manager; I can open the password manager on my phone, read the password I want, and manually enter it into an unfamiliar or shared device without having to load my entire password/key vault onto that device. Passkeys make that impossible; essentially forcing you provide the whole vault to the device or give up. It is also a big step for people that aren't familiar with password managers and are used to just remembering their passwords, to then switch to a passkey manager where they can't use their memory to login anymore.
There's good sides and bad sides to everything really. Some people will prefer one way, some will want the other way. Ultimately I think we'll get pushed into using Passkeys by most companies, just so they can shed some of the responsibility of keeping your credentials secure. A stolen passkey database, unlike a password database, would not allow you to pose as users, which leads to less claims of fraudulent activity.
I'm gonna need bigger calipers...
That's a fair solution.
I've just got remote devices syncing to my local server. From there Borg handles encrypted historical backups of that server which can be sent offline/offsite.
I like borg because of its insane de-duplication and compression algorithms. I've currently got ~480GB of data being backed up, with 16 historical copies going back 6 months: that entire archive takes up 303GB of space currently. Without the de-duplication and compression that's 7.76TB of data.
Yeah, I'm sitting there changing my password 13 times until I can go back to mine. I already do this with our 3 month expiry, but ours only checks against the current password, not a history of old passwords.
Password expiry doesn't make systems more secure, it makes users lazily set insecure passwords to deal with your shitty mind games.
TIL Horses are plants. Devious, conniving plants at that.