Conversation

2FA and password managers are a lousy design solution to password security. Just moves all risks upstream into a Grand Unified Metacatastrophe Risk: losing your phone or primary key device. There’s got to be a better way.
14
88
Is there no way to distribute the risks so losses are decoupled and localized? I think this situation is due to paranoid people designing diy systems for normies. Like compensating for bad autopilots in driverless cars with... heavier duty seatbelts.
1
11
Beginning to think mass cryptography is the interchangeable parts of the digital age, and its primary impact is inconvenience. Just like the primary impact of interchangeable parts is convenience. Except it is non-interchangeable identities.
3
9
“Modern conveniences” was a cliche for describing industrial mass production artifacts like refrigerators and vacuum cleaners. I’ll be using the term postmodern inconveniences for the effects of mass cryptography.
1
8
Every opsec geek has a great solution: for opsec geeks. We need a solution for somewhat careless mediocre types.
3
17
Your online identity is a thing you own like a car or home. Comes with all the maintenance hassles but no guaranteed capital asset type value.
2
22
Replying to
In some sense this is a micro manifestation of the broader pattern of technology society: we use tech to facilitate interactions (& scale the domain) that in previous eras would have relied on deep human trust. This separation atomizes humans, and increases fungibility of humans.
1
1
Replying to and
We increasingly become the interchangeable parts in other people’s lives. You find it stark that you need locks for your bike. But your ancestors would have found it odder, by far, that you & your family sleep next to total strangers, separated by thin walls.
1
1
Show replies
Replying to
My approach has been to use multiple security keys whenever possible. Makes it less likely to be cut off. Of course... Some sites only support one key. iOS (and even Android) support is bad. Doesn’t really solve the “how do I bootstrap access to my password manager” problem.
1