Technology

64937 readers

4617 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

715

The Fediverse Isn’t the Future. It’s the Present We’ve Been Denied. (www.joanwestenberg.com)

submitted 1 day ago by [email protected] to c/[email protected]

66 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[+] [email protected] -8 points 1 day ago* (last edited 1 day ago) (1 children)

Oh I don't know what it is, sorry I thought I made that clear. But a quick search on the internet said it was basically 2fa with a qr code and since the issue was how it would protect Lemmy from bots I just thought it wouldn't be hard for a bot to read a qr code.

[–] [email protected] 7 points 1 day ago* (last edited 1 day ago) (1 children)

Bruh that's gotta be one of the worst trains of thought I've seen recently ngl. I don't even know how passkeys work and I know that. Based on your understanding, you could log into someone's account just by reading a QR code. Which of these is more likely:

The entire cybersecurity community mysteriously and completely forgot that machines can read QR codes (which is, by the way, literally the entire purpose of a QR code)
You don't understand how passkeys work

How arrogant do you have to be?

[–] [email protected] -2 points 1 day ago* (last edited 1 day ago)

Well again, the claim was that somehow passkeys would stop Lemmy from being flooded by bots.

So in that situation, we aren't talking about hacking. We are simply talking about if a login could be triggered programmatically. So if Lemmy required passkeys to be used instead of passwords. And if the passkeys required scanning a QR code to sign in. I imagine It would provide minimal disruption to an automated login.

Now if the passkeys somehow enforced a real human to do something that only a human could do, then yes it would stop an automated registration/login. However if it's possible to automate then it wouldn't stop bots.