[-] boredsquirrel@slrpnk.net 3 points 4 days ago

Btw with TOTP the server has your secret credentials too, pretty crazy.

[-] jj4211@lemmy.world 6 points 4 days ago

Yes, shared secret based, but not a big deal because it is machine generated and unique per account. The 'server has your credential' is only a problem if the credential is reused across services. If you have access to read TOTP secrets from the server, you probably don't need those TOTP secrets to further compromise the service.

But webauthn/passkey is a better approach. Properly managed SSH keys are good too, but folks aren't too happy about how ssh keys are commonly pretty lax. Client certificates similarly would have worked, but never took off. Similar story for smartcards.

[-] boredsquirrel@slrpnk.net 1 point 4 days ago* (last edited 4 days ago)

I am in the process of buying a Nitrokey 3 Mini!

Gonna test some stuff, like Secure Element LUKS encryption on my old Thinkpad

this post was submitted on 26 Jun 2024
289 points (96.2% liked)

Cybersecurity - Memes
