Post A7psdyrF2NavjP0k8e by lyndon@fosstodon.org
(DIR) More posts by lyndon@fosstodon.org
(DIR) Post #A7ndKJuNAvZdb8iscq by TheFuzzStone@fosstodon.org
2021-05-31T06:08:58Z
0 likes, 0 repeats
Most operators of crypto exchanges continue to think that SMS authentication is a good thing, and some of them force their users to activate it.Idiots.#crypto #cryptocurrency #exchange #exchanges #authentication #SMS #security
(DIR) Post #A7ngSclNFzUaFqAIds by nosat@liberdon.com
2021-05-31T06:44:04Z
0 likes, 0 repeats
@TheFuzzStone Yes, this is very stupid. Any service I use that starts to mandate this I leave immediately.
(DIR) Post #A7nhYfL0hGG9vpHJnE by TheFuzzStone@fosstodon.org
2021-05-31T06:56:22Z
0 likes, 0 repeats
You know what's even dumber than that? - Limiting the number of characters for a password.Some exchangers limit it to 16 characters, and some in addition do not allow special characters for your password.
(DIR) Post #A7niQLF3d4wBF65YYa by nly@lor.sh
2021-05-31T07:06:05Z
0 likes, 0 repeats
@TheFuzzStone >passwordsWhy do we use passwords?Jesus, hasn't anyone heard of asymmetric encryption? Public and private keys.
(DIR) Post #A7psdyrF2NavjP0k8e by lyndon@fosstodon.org
2021-06-01T08:10:01Z
0 likes, 0 repeats
@TheFuzzStone So limiting passwords length can make sense on a server side to prevent denial of service attacks but it should be a much higher limit than 16 (we're talking at least 32 characters more like 100+)
(DIR) Post #A7pvjLdg43ihhEuwls by TheFuzzStone@fosstodon.org
2021-06-01T08:44:36Z
0 likes, 0 repeats
@lyndon Only a few centralized crypto services allow passwords greater than 32 characters.The rest are just idiots. I can't find any other definition.
(DIR) Post #A7pxlRYLFOlqWeY4rg by lyndon@fosstodon.org
2021-06-01T09:07:20Z
0 likes, 1 repeats
@TheFuzzStone It's a bit mad. I mean my Brick and Mortar bank limits passwords to less than 16 characters I think which is mad. NIST recommend long passwords over complex ones, and UK's Cyber Security Centre the same: