this post was submitted on 22 Feb 2026
692 points (99.4% liked)

[–] Monument@lemmy.sdf.org 2 points 2 days ago (2 children)

…. Oh!

You just explained a question I had.
I couldn’t figure out why a pin was considered more secure.

In my reasoning: How is a PIN (potentially numeric only), changed 1x a year, safer than a password (3 of 4: Alpha, Mixed case, numeric, special chars), changed 4x a year.

The answer, as you explained, is scope of trust. Machine only vs tenant-wide. That makes sense.

[–] tux7350@lemmy.world 3 points 2 days ago

Windows Hello ties the PIN to the TPM of the computer. It's not just you having a pin, it's the pin + the crypto secret loaded on the device. That's why it's more secure than just a complex password.

[–] smh@slrpnk.net 3 points 2 days ago (2 children)

That makes sense. Something you have (that specific machine) + something you know (your pin).

I used to work someplace where we all had a pin+a smart card that we'd insert into the machine, same idea except I could log into any machine with the card+pin combination.

Loved not having to remember a long AF password. Didn't like having to drive home if I forgot my card on the kitchen counter.

[–] JcbAzPx@lemmy.world 2 points 1 day ago

The problem is, if someone does get physical access to the machine, you've just made breaking into it much easier.

Just keep the card in your anus