undefined | Better HN

0 pointstialaramex6mo ago0 comments

> Don’t worry, when they actually target you, you’ll be caught.

When they target me, which happens, it doesn't work because of WebAuthn.

Buy a Security Key. If you think you might lose it, buy at least two more. For critical sites like GitHub (which was targeted here) set up your Security Keys and get into the habit of relying on them. It's the same philosophy as Rust itself, machines are really good at diligently performing a simple task, so don't leave those tasks to human vigilance, that is a foolish misallocation of resources.

0 comments

immibis6mo ago

"Your WebAuthn key enrollment period has expired. Please log in to re-enroll a new key."

Something similar to this was in the recent npmjs thing.

tialaramexOP6mo ago

I can't find any trace of such a thing, do you have links?

What would it even mean to "log in" if they reject my authenticator ? Logging in is what it's for.

immibis6mo ago

You have to log in with your password, of course. And then re-enroll your authenticator.

1 more reply

j / k navigate · click thread line to collapse

0 pointstialaramex6mo ago0 comments

> Don’t worry, when they actually target you, you’ll be caught.

When they target me, which happens, it doesn't work because of WebAuthn.

0 comments

immibis6mo ago

"Your WebAuthn key enrollment period has expired. Please log in to re-enroll a new key."

Something similar to this was in the recent npmjs thing.

tialaramexOP6mo ago

I can't find any trace of such a thing, do you have links?

What would it even mean to "log in" if they reject my authenticator ? Logging in is what it's for.

immibis6mo ago

You have to log in with your password, of course. And then re-enroll your authenticator.

1 more reply

j / k navigate · click thread line to collapse