social.anoxinon.de is one of many independent Mastodon servers you can use to take part in the Fediverse.
The official Mastodon instance of the association Anoxinon e.V.


#fido


New vulnerability with compliments of #Yubikey : "Yubico’s open source pam-u2f software package implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other #FIDO compliant authenticators on macOS or Linux. This software package has an issue which allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user." yubico.com/support/security-ad

Yubico · Security Advisory YSA-2025-01 – Partial Authentication Bypass in pam-u2f Software Package. Published Date: 2025-01-14. Tracking IDs: YSA-2025-01. CVE: CVE-2025-23013. CVSS Severity: 7.3. Summary: Yubico’s open source pam-u2f software package implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has […]
Replied in thread

@TechConnectify Thank you so much for this video. I just watched it and it rings *every* bell. Mastodon is the only social network where I'm "active", apart from that I use #RSS feeds that I picked very well. I try to use my own brain.
It was such a pleasure to listen to you, especially in times like these. Thank you once more.
(But I miss good, ancient #FIDO-net, I must admit)

People who use hardware security keys: Storing them in geographically diverse locations is a wise move but makes it impossible to quickly onboard. How do you keep track of where you’ve registered each key? A checklist in a spreadsheet is obvious but cumbersome. Is there a better way? (Yes, I use passkeys extensively, but for certain services like email, iCloud, and my password manager, a hardware option is desirable if not mandatory.) #YubiKey #YubiKeys #FIDO #FIDO2 #FIDOKey #FIDOKeys #Security

Replied in thread

@sarahjamielewis I would like to hear answers to that question as well. I have not tried it myself, but I'm considering #Keycloak for something like that.

I would also suggest the hashtags #passkey #webauthn and #fido to gather the attention of the right people?

If you're ready to learn the technical details, then there is a Tour of WebAuthN here: imperialviolet.org/tourofwebau

www.imperialviolet.org · A Tour of WebAuthn

So, it has been like three months using FIDO/U2F keys instead of passwords. Both in my NetBSD and Arch systems.

I use a "medium" quality password to decrypt the filesystems and other one to decrypt the password manager. And that's it.

No password to log-in, to unlock screen, to run doas/sudo, etc. Just this little penguin and press its button.

Also, I'm using this as 2FA for all websites that support it. Lemmy doesn't. It's the only place where I don't use it, yet.

Because U2F uses the domain name, this is a strong protection against phishing. A similar domain may trick my eyes, but not the key.

I'm very bad at memorizing passwords, and worse at typing them. Unlocking the screen without typing my password like 3 times is a blessing.

The problems: if my laptop is decrypted anybody with this penguin is root. It's kinda my Horcrux. Also, I need a second one stored safely as a backup.

So I officially have two horcruxes. Destroy both and I can't log-in anywhere.

#fido #u2f #infosec
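The phishing resistance described in the post above (the key is bound to the domain, so a lookalike domain fools the eye but not the key) comes from three checks that line up: the credential is scoped to the relying party's domain (the RP ID), the browser, not the page, fills in the real origin and RP ID, and the relying party verifies both before trusting the signature. The following is an added example, not code from any poster on this page; it is a toy model with constructed values (`example.com`, the lookalike `examp1e.com`, a fixed challenge) and uses an HMAC over a per-credential secret as a stand-in for the ECDSA signature a real key produces, so that it runs with the standard library only.

```python
"""Toy model of why U2F/WebAuthn resists phishing. Constructed example:
an HMAC stands in for the key's ECDSA signature; domains are made up."""
import hashlib
import hmac
import json
import os

RP_ID = "example.com"                      # constructed: the registered domain
EXPECTED_ORIGIN = "https://example.com"    # origin the relying party expects
CHALLENGE = "c29tZS1yYW5kb20tY2hhbGxlbmdl"  # constructed; a real RP uses a fresh random value


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class SimulatedAuthenticator:
    """Stands in for the hardware key. Credentials are scoped to the RP ID
    they were created for, exactly as U2F key handles are scoped to the appId."""

    def __init__(self):
        self._creds = {}  # credential id -> (rp_id it was created for, secret)

    def register(self, rp_id: str) -> bytes:
        cred_id = os.urandom(16)
        self._creds[cred_id] = (rp_id, os.urandom(32))
        return cred_id

    def secret_for(self, cred_id: bytes) -> bytes:
        # Toy shortcut: a real RP stores the credential's public key instead.
        return self._creds[cred_id][1]

    def get_assertion(self, rp_id: str, cred_id: bytes, client_data_hash: bytes):
        registered_rp, secret = self._creds[cred_id]
        if registered_rp != rp_id:
            return None  # key refuses to use the credential for a different RP ID
        # authenticatorData: SHA-256(rpId) || flags byte || 4-byte signature counter
        auth_data = sha256(rp_id.encode()) + b"\x01" + (1).to_bytes(4, "big")
        sig = hmac.new(secret, auth_data + client_data_hash, "sha256").digest()
        return auth_data, sig


def browser_get(authenticator, origin: str, cred_id: bytes, challenge: str):
    """The browser derives the RP ID from the origin the page is really served
    from and records that origin in clientDataJSON; the page cannot override either."""
    rp_id = origin.split("://", 1)[1].split("/", 1)[0]
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": origin}
    ).encode()
    result = authenticator.get_assertion(rp_id, cred_id, sha256(client_data))
    if result is None:
        return None
    auth_data, sig = result
    return client_data, auth_data, sig


def verify_assertion(secret: bytes, challenge: str, response) -> bool:
    """Relying-party checks: type and challenge, origin, rpIdHash, then signature."""
    if response is None:
        return False
    client_data, auth_data, sig = response
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get" or cd.get("challenge") != challenge:
        return False
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False
    if auth_data[:32] != sha256(RP_ID.encode()):
        return False
    expected = hmac.new(secret, auth_data + sha256(client_data), "sha256").digest()
    return hmac.compare_digest(expected, sig)


def run_scenarios() -> dict:
    key = SimulatedAuthenticator()
    cred_id = key.register(RP_ID)
    secret = key.secret_for(cred_id)

    # 1. The user logs in on the real site.
    genuine = browser_get(key, EXPECTED_ORIGIN, cred_id, CHALLENGE)

    # 2. A lookalike domain relays the real challenge to the user; the browser
    #    hands the key the lookalike RP ID and the key refuses to answer.
    lookalike = browser_get(key, "https://examp1e.com", cred_id, CHALLENGE)

    # 3. Even if an assertion for the lookalike existed, the RP rejects it on
    #    the origin and rpIdHash checks; build one directly to show that.
    forged_client = json.dumps(
        {"type": "webauthn.get", "challenge": CHALLENGE, "origin": "https://examp1e.com"}
    ).encode()
    forged_auth = sha256(b"examp1e.com") + b"\x01" + (1).to_bytes(4, "big")
    forged_sig = hmac.new(secret, forged_auth + sha256(forged_client), "sha256").digest()

    return {
        "genuine_login": verify_assertion(secret, CHALLENGE, genuine),
        "lookalike_key_refused": lookalike is None,
        "lookalike_assertion_rejected": verify_assertion(
            secret, CHALLENGE, (forged_client, forged_auth, forged_sig)
        ),
    }


if __name__ == "__main__":
    print(run_scenarios())
```

The point of the three scenarios is that no user judgement is involved: the browser, not the person reading the address bar, decides which RP ID and origin go into the signed data, and the key and the relying party each reject anything that does not match the registered domain.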

For the last few months, I had a strange issue with my Fedora 40 installation which was driving me mad.

When I had the computer running for some time, I couldn't use more than one browser, because the other couldn't even start or couldn't load websites. It was happening with Firefox and any other chromium based browser. It was unpredictable and nothing conclusive was visible in the logs and strace just showed it was waiting for something I had a hard time identifying.

Then I installed Fedora 41 on a laptop and it started to happen immediately there - not just after some time, immediately!

I took the laptop off the USB-C display to look at it in another room and it stopped.

Then I vaguely remembered I had put a U2F key into my screen's USB hub for convenience of use, and the issues started some time after that.

Yep. It was the key. When it's connected through the USB hub in my screen, the browsers somehow "battle" for it 🤦‍♀️ It's a normal USB-A U2F key by IDEM. Never heard about such issues, and the key is working normally when connected to the computer directly.

#JustLinuxFun #Linux #U2F #FIDO #Chromium #Firefox #usb

I ordered two FIDO2 USB keys.

I want to know how (in)convenient they are.

If I can use them, I will have KeepassXC with passwords only, and a separated second factor.

Plus, this second factor won't be as attractive to thieves as smartphones are. So, fewer chances of losing it.

I've read that a good strategy is to have a USB key for everyday use, and a second one stored in a safe place as a backup, just in case the primary one is lost or damaged.

If I understood correctly what I've read, they will be compatible with NetBSD. One can only hope xD

#fido #keepass #2fa

The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers.

#passkeys #password #manager #fido
theverge.com/2024/10/15/242708

The Verge · Password manager makers want to let you securely transfer passkeys · By Jay Peters

New #FIDO proposal lets you securely move passkeys across platforms

The FIDO alliance has _finally_ presented something about transferring passkeys between custodians. This created the real possibility of vendor lock-in; especially if you wanted to switch devices or use a different custodian (I advocate for @bitwarden because I am biased).

This is subject to change, but great development news imo.

#passkeys #cybersecurity

bleepingcomputer.com/news/secu

BleepingComputer · New FIDO proposal lets you securely move passkeys across platforms · By Bill Toulas

#help fediverse please
Which is the simplest authenticator / identity provider to use?
I'm trying (but stuck) to use #authelia with #nginx_proxy_manager following this guide: ambientnode.uk/authelia-npm/ but I'm stuck at the #totp part.
I'm looking for one that is:
- simple to configure and install
- has #2fa #totp
- and, very ideally, support for physical keys (#fido)
Boosts appreciated

ambient_node · Secure Web Services with Authelia and Nginx Proxy Manager · Integrate Authelia with Nginx Proxy Manager for enhanced web security.