Messages - db90h [ switch to compact view ]

Pages: [1] 2 3 4 5 6 ... 96next
1
Android Apps / Re: WhenLast (Android app) - v2.01 Beta - Sep 30, 2016
« on: March 09, 2015, 04:59 AM »
Makes me remember, almost time to file my taxes ;).

Nice mobile app work Mouser. Glad you are proficient in this space.

2
Living Room / Re: Use a unique password for this site
« on: March 08, 2015, 09:15 AM »
2FA is the solution to many problems, but is imperfect in some ways itself. It encourages weak passwords, since you've got 2FA to back it up.

My friend Steve Gibson is working on SQRL, as many of you know, which does help a lot with this password mess.

We'll end this thread here, and hope DC goes full SSL when the site is refactored -- which I'm sure he'll do to save money, if nothing else. He's paying way too much as-is. It's just a lot of work, but will be a good learning experience, and he's more than capable.

3
Living Room / Re: Use a unique password for this site
« on: March 07, 2015, 05:00 PM »
Yea, that's why I send my mail on post cards.

It's a simple security thing. Easier to secure everything than cherry-pick. That's all.

Surely certain portions will be broken as necessary, man-in-the-middle attacks from a legit CA, etc.. the NSA will always have their ways.

But security isn't about 'criminals', it's about online safety and privacy, especially for those who live in countries where their political affiliation this year could cost them their life the next.

4
Living Room / Re: Use a unique password for this site
« on: March 07, 2015, 11:37 AM »
Yea, rainbow tables are the term you are looking for ;). They are, again, hopefully, neutralized by appropriately salting the hashed password.

Certainly your operation is safe and warning caps removed in good reason.

A single password manager introduces a single point of failure, but is otherwise good advice.

The entirety of web traffic will be encrypted in time, whether it be via HTTP 5 or simple prudence.

5
Living Room / Re: Use a unique password for this site
« on: March 07, 2015, 11:08 AM »
Still I prefer SSL, LOL.

The idea of everything I type, even drafts, going straight to any server plaintexxt... Well, it bothers me.

DC is fine here since SMF is designed to operate w/o SSL by hashing the password on the client side. They don't use SSL on their own site.

However, it's not 'fine' as to where are in society today, so it's just something to think about as the site is refactored someday.

Pages: [1] 2 3 4 5 6 ... 96next
Go to full version