this post was submitted on 08 Mar 2025
2 points (100.0% liked)

Technology

[–] xylogx@lemmy.world 0 points 1 month ago (1 children)

I love Lemmy and Voyager and the Fediverse. That said, if it were to become mainstream I foresee some problems. The fact that the login relies on only passwords is pretty terrible. Also, this makes the service vulnerable to bots, sock puppet accounts, brigading, etc.

[–] CubitOom@infosec.pub 0 points 1 month ago (1 children)

What would you propose replace passwords to not be susceptible to those things?

I personally like how secure and non-intrusive passwords are, especially when using a self-hosted password manager synced with git.

[–] 4am@lemm.ee 0 points 1 month ago (1 children)

Passkeys are much better. Unlike what FAANG companies want you to believe, they do not have to be tied to a device. Use a password manager that supports them (Bitwarden) and pretty much never get hacked again because of a password. Website doesn’t need to store anything that an attacker can use. No downside.

[–] pulsewidth@lemmy.world -1 points 1 month ago

I'd much rather use a password and a two-factor auth via TOTP code. It's fast, portable, I can store them on a variety of open source apps, and it's very hard to hack. I don't need to use a specific provider, or browser. Flexible and free.

Passkeys in their current implementation are comparatively a mess. Here's an article that runs through many reasons why:

https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/

[–] Hejej@lemmy.ml 0 points 1 month ago* (last edited 1 month ago) (1 children)

The problem is that it’s “too complicated” by presenting choices before knowing what they mean. It’s a decision tree without knowing the outcomes.

I’m new to Lemmy and it wasn’t as easy to sign up and use as Reddit or other social networks.

First I had to choose a server. To do that I had to learn the consequences of choosing a server. Once I decided, .ml had a sign-up process where I had to be approved.

Then I wanted to choose a community, I think it’s called, and found there were multiple communities with the same name. Once again I had to make a choice without knowing the difference.

It all reminded me of the Paradox of Choice TED talk, https://www.ted.com/talks/barry_schwartz_the_paradox_of_choice .

Finally I had to choose an app, as there is no official one. Now I’m in Mlem, but I don’t know if it’s better or worse than the others.

Choice is great but for easier onboarding a first stop for server and app would be great. Like a browser, you’re given one when you start and if you want better, and you’re ready to look for one, you can go looking.

[–] gamermanh@lemmy.dbzer0.com -1 points 1 month ago

> Finally I had to choose an app, as there is no official one

It's called Jerboa and it's one of the worse ones, but it does exist