Show more

Perhaps there's a lot more criticism in the implementations of two-factor authentication. One example is GitLab allowing recovery code generation with just a SSH key.

The places you'd expect good multi-factor authentication seem to have it the worst: PayPal hides and fights against you adding two-factor authentication. You need to head to a hidden URL and use Symantec VIP as the software token, or hack around it with python-vipaccess. No backup codes either.

Show thread

Two-factor authentication is underimplemented and underused - how many Mastodon folks here have enabled it in their account? It's a great defense against spyware.

As someone technically inclined, I use it but regardless of which factor I'm using (andOTP, Google Authenticator, SMS) I'm always uneasy about backup codes. They seem so easy to ignore or lose, and storing them digitally can undo any second factor security added.

John boosted

Goodbye 2018. Happy new year. Believe in yourselves.

Just updated my website to link back to my Mastodon account, so now the link to my home page is verified!

Question to any web developers out there: My site has articles for people to read like 'How to identify junk apps' ( jchelp.com.au/tips/junkapps.ht ), should I be adding some kind of large header image to set the mood?

The downsides would be having to find images that relate, dropping support for low bandwidth connections since I'll be pushing a giant image, making the page longer and slower.

The upside is that people may take the page more seriously since it would look like other professional prose.

I just checked my Facebook page and saw I had 2 inbox notifications. Uh-oh! Are these potential clients that I've accidentally ghosted? Opening the inbox, I find: Nothing.

Thanks Facebook.

John boosted
not gonna lie when people say they just "want a linux distro as simple as OS X/Windows" then people list off ones that are simple as hell and they're like "nah this feature doesn't work like it does on windows/os x" i scream internally
John boosted

While I was gone from the fediverse iI managed to migrate my small static business site from managed hosting to my home.

Hello again folks! I'm returning to Mastodon after mstdn.com.au disappeared. In case you don't know who I am, I'm John and I do tech support in Tenterfield. I also do remote support online, including Linux and open source support.

Aus.Social

Welcome to thundertoot! A Mastodon Instance for 'straya