MastodonTech.de

xyhhx 🔻 (plz hire me)i *still* don't understand how this onlykey works. i've kinda figured out how to generate subkeys (you have to have $GNUPGHOME point to a valid keyring that has a public key on which you want to create a subkey for, but use `--homedir` to point to a new directory for onlykey to put the new keyring with the subkey), but now it won't generate keys except for the uid i used to use? <a href="https://nso.group/tags/onlykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#onlykey</a> <a href="https://nso.group/tags/hardwareKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#hardwareKey</a> <a href="https://nso.group/tags/securityKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityKey</a> <a href="https://nso.group/tags/pgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#pgp</a> <a href="https://nso.group/tags/gpg" class="mention hashtag" rel="nofollow noopener" target="_blank">#gpg</a>

Nitrokey⏰ While 2024 is reaching the finish line, we‘d like to take a moment to thank everyone who is supporting us on our mission to secure the digital life. 🛡 We‘re truly grateful for having such loyal customers. 🙏 We wish you happy holidays! 🎄 May 2025 be the year we all wish for! 💪 Stay secure! 🙂 <a href="https://social.nitrokey.com/tags/nitrokey" class="mention hashtag" rel="nofollow noopener" target="_blank">#nitrokey</a> <a href="https://social.nitrokey.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://social.nitrokey.com/tags/staysecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#staysecure</a> <a href="https://social.nitrokey.com/tags/nitrokeypro" class="mention hashtag" rel="nofollow noopener" target="_blank">#nitrokeypro</a> <a href="https://social.nitrokey.com/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://social.nitrokey.com/tags/internetsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#internetsecurity</a> <a href="https://social.nitrokey.com/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a> <a href="https://social.nitrokey.com/tags/usbkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#usbkey</a> <a href="https://social.nitrokey.com/tags/secureyourdigitallife" class="mention hashtag" rel="nofollow noopener" target="_blank">#secureyourdigitallife</a>

Colan SchwartzThis is unfortunate because I received a pair of these recently that I've been meaning to take out of the package. I guess they won't be issuing recalls?<a href="https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/</a><a href="https://mastodon.social/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a> <a href="https://mastodon.social/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#sidechannel</a> <a href="https://mastodon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikey</a> <a href="https://mastodon.social/tags/yubikeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikeys</a> <a href="https://mastodon.social/tags/hardwaretokens" class="mention hashtag" rel="nofollow noopener" target="_blank">#hardwaretokens</a> <a href="https://mastodon.social/tags/hardwaretoken" class="mention hashtag" rel="nofollow noopener" target="_blank">#hardwaretoken</a> <a href="https://mastodon.social/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptography</a> <a href="https://mastodon.social/tags/credentials" class="mention hashtag" rel="nofollow noopener" target="_blank">#credentials</a> <a href="https://mastodon.social/tags/fido" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido</a>

Jef Kazimer😶‍🌫️I don't know who needs to hear this, but put an AirTag on that key ring of FIDO2 security keys you have.<a href="https://infosec.exchange/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a> <a href="https://infosec.exchange/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://infosec.exchange/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a>

nemo™ 🇺🇦🔒 Secure your online accounts with SoloKeys! 🔑 Open-source security keys built with Trussed®. Works with Google, Facebook, Twitter & more. Get yours now: <a href="https://solokeys.com/" rel="nofollow noopener" translate="no" target="_blank">https://solokeys.com/</a><a href="https://mas.to/tags/SoloKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#SoloKeys</a> <a href="https://mas.to/tags/SecurityKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityKey</a> <a href="https://mas.to/tags/TwoFactorAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#TwoFactorAuth</a> <a href="https://mas.to/tags/FIDO2" class="mention hashtag" rel="nofollow noopener" target="_blank">#FIDO2</a> <a href="https://mas.to/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a>

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸Does anyone know of a bank that lets you use a Fido2 security key to authenticate?My bank only allows SMS based 2FA, so my fiat can all be stolen by any employee of my phone company at any time.<a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#2fa</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://mastodon.social/tags/securityKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityKey</a> <a href="https://mastodon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikey</a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a> <a href="https://mastodon.social/tags/bank" class="mention hashtag" rel="nofollow noopener" target="_blank">#bank</a> <a href="https://mastodon.social/tags/fido" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido</a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#webauthn</a> <a href="https://mastodon.social/tags/auth" class="mention hashtag" rel="nofollow noopener" target="_blank">#auth</a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a>

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸PassKeys seem like a bad idea. Google backs them up to the cloud, so if your Google account is compromised then all your private keys are compromised. I don't see how that's an improvement over password+2FA at all.Now security keys I get; keep the private key on an airgapped device. That's good. Hell I even keep my 2FA-OTP salts on a YubiKey.<a href="https://mastodon.social/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkeys</a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#webauthn</a> <a href="https://mastodon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikey</a> <a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#2fa</a> <a href="https://mastodon.social/tags/otp" class="mention hashtag" rel="nofollow noopener" target="_blank">#otp</a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://mastodon.social/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptography</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.social/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://mastodon.social/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a> <a href="https://mastodon.social/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#password</a> <a href="https://mastodon.social/tags/securityKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityKey</a> <a href="https://mastodon.social/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#google</a>

Michael :donor:When implementing <a href="https://infosec.exchange/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebAuthn</a> on an Identity Provider's side. Where exactly should one draw the line between <a href="https://infosec.exchange/tags/SecurityKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityKey</a> and <a href="https://infosec.exchange/tags/Passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passkey</a>? I see that most platforms make a distinction between those. Can anyone link me some article or blog post on this topic? If I were to implement security key and passkey support on a provider that does not yet support any WebAuthn, should I go down the same route?My current assumption is that during passkey registration you'd set "residentKey = required" and "userVerification = required", whereas for a security key you'd set "residentKey = discouraged" and "userVerification = preferred".Also, I'm assuming that a security key can also function as a form of <a href="https://infosec.exchange/tags/passwordless" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordless</a> multi-factor authentication if UV was true during registration AND authentication. Obviously without the neat part of Passkeys where you don't have to manually enter the username.<a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authentication</a>

Doug WebbJust ordered a hardware security token.Will this improve my security, privacy, coonvenience?I'll let you know.<a href="https://mastodon.xyz/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#2fa</a> <a href="https://mastodon.xyz/tags/mfa" class="mention hashtag" rel="nofollow noopener" target="_blank">#mfa</a> <a href="https://mastodon.xyz/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.xyz/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a>

linaHeyyy I'm thinking about buying a security key, probably for only using it with keepassxc, can you guys recommend something solid, that's not overly expensive for a student? I don't wanna /have money for 50eur security key Also with USB-A port There are few with open source hardware which I like but still expensive 30eur, idk what's Sooo expensive on a key like that(I get it custom hardware but still) <a href="https://uwu.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://uwu.social/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a> <a href="https://uwu.social/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#password</a> <a href="https://uwu.social/tags/securitykeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykeys</a> <a href="https://uwu.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikey</a> <a href="https://uwu.social/tags/keepassxc" class="mention hashtag" rel="nofollow noopener" target="_blank">#keepassxc</a> <a href="https://uwu.social/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a>

Matthew Miller :donor:Who here likes hardware-backed end-to-end message encryption, in the browser? Have I got a fun toy for you!<a href="https://sneakernetsend.com" rel="nofollow noopener" translate="no" target="_blank">https://sneakernetsend.com</a>When I first discovered WebAuthn in 2019 I imagined it being used for something like this, but never imagined something like the prf extension enabling true E2EE like this. Everything happens in the browser; there's no server used in any of this because to me that defeated the purpose. I also challenged myself to make a decent UX on top of this because what good is strong encryption if it's not usable?For best results make sure you're using Chrome 116 and a recent FIDO2 security key.(I'm also trying to figure out how things get noticed on Hacker News, so if you participate over there here's the Show HN, upvotes appreciated: <a href="https://news.ycombinator.com/item?id=37148972" rel="nofollow noopener" translate="no" target="_blank">https://news.ycombinator.com/item?id=37148972</a>)<a href="https://infosec.exchange/tags/webauthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#webauthn</a> <a href="https://infosec.exchange/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://infosec.exchange/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a> <a href="https://infosec.exchange/tags/e2ee" class="mention hashtag" rel="nofollow noopener" target="_blank">#e2ee</a> <a href="https://infosec.exchange/tags/chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#chrome</a>

Tinned-SoftwareFor decades, users have authenticated on systems with usernames and passwords. This method of authentication has not changed since the beginning of the Internet. As the Internet became a more hostile place and threats emerged, ...<a href="https://blog.tinned-software.net/secure-authentication-and-how-it-changed-over-time/" rel="nofollow noopener" translate="no" target="_blank">https://blog.tinned-software.net/secure-authentication-and-how-it-changed-over-time/</a><a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://infosec.exchange/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a> <a href="https://infosec.exchange/tags/securitykeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykeys</a> <a href="https://infosec.exchange/tags/fido" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido</a> <a href="https://infosec.exchange/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://infosec.exchange/tags/totp" class="mention hashtag" rel="nofollow noopener" target="_blank">#totp</a> <a href="https://infosec.exchange/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a>

EINGFOAN :donor:updated <a href="https://infosec.exchange/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido2</a> <a href="https://infosec.exchange/tags/fido" class="mention hashtag" rel="nofollow noopener" target="_blank">#fido</a> <a href="https://infosec.exchange/tags/securitykey" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitykey</a> <a href="https://infosec.exchange/tags/comparison" class="mention hashtag" rel="nofollow noopener" target="_blank">#comparison</a> draft Version 0.8 <a href="https://infosec.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#yubikey</a> <a href="https://infosec.exchange/tags/nitrokey" class="mention hashtag" rel="nofollow noopener" target="_blank">#nitrokey</a> <a href="https://infosec.exchange/tags/gotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#gotrust</a> <a href="https://infosec.exchange/tags/feitian" class="mention hashtag" rel="nofollow noopener" target="_blank">#feitian</a> <a href="https://infosec.exchange/tags/solokey" class="mention hashtag" rel="nofollow noopener" target="_blank">#solokey</a> <a href="https://infosec.exchange/tags/titan" class="mention hashtag" rel="nofollow noopener" target="_blank">#titan</a> <a href="https://infosec.exchange/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#google</a> <a href="https://infosec.exchange/tags/mfa" class="mention hashtag" rel="nofollow noopener" target="_blank">#mfa</a> <a href="https://infosec.exchange/tags/u2f" class="mention hashtag" rel="nofollow noopener" target="_blank">#u2f</a><a href="https://infosec.exchange/@Fr333k" class="u-url mention" rel="nofollow noopener" target="_blank">@Fr333k</a> <a href="https://chaos.social/@matthegap" class="u-url mention" rel="nofollow noopener" target="_blank">@matthegap</a> <a href="https://infosec.exchange/@shellsharks" class="u-url mention" rel="nofollow noopener" target="_blank">@shellsharks</a> <a href="https://infosec.exchange/@FritzAdalis" class="u-url mention" rel="nofollow noopener" target="_blank">@FritzAdalis</a> <a href="https://social.heise.de/@heisec" class="u-url mention" rel="nofollow noopener" target="_blank">@heisec</a>If updates are needed Post a reply hereCredits to<a href="https://medium.com/webauthnworks/sorting-fido-ctap-webauthn-terminology-7d32067c0b01&sa=D&source=editors&ust=1686248837634831&usg=AOvVaw1RNctynoDjZdGOtR_n3KPm" rel="nofollow noopener" target="_blank">https://medium.com/webauthnworks/sorting-fido-ctap-webauthn-terminology-7d32067c0b01&sa=D&source=editors&ust=1686248837634831&usg=AOvVaw1RNctynoDjZdGOtR_n3KPm</a><a href="https://fidoalliance.org/specifications/&sa=D&source=editors&ust=1686248837635017&usg=AOvVaw1j45hHJTnxzwWfT7VRfWK6" rel="nofollow noopener" target="_blank">https://fidoalliance.org/specifications/&sa=D&source=editors&ust=1686248837635017&usg=AOvVaw1j45hHJTnxzwWfT7VRfWK6</a><a href="https://doubleoctopus.com/blog/standards-regulations/your-complete-guide-to-fido-fast-identity-online/&sa=D&source=editors&ust=1686248837635116&usg=AOvVaw3wIncGqheQ1koX9LV9-KED" rel="nofollow noopener" target="_blank">https://doubleoctopus.com/blog/standards-regulations/your-complete-guide-to-fido-fast-identity-online/&sa=D&source=editors&ust=1686248837635116&usg=AOvVaw3wIncGqheQ1koX9LV9-KED</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#securitykey