this post was submitted on 16 Mar 2025
600 points (97.5% liked)

Greentext

5716 readers
1089 users here now

This is a place to share greentexts and witness the confounding life of Anon. If you're new to the Greentext community, think of it as a sort of zoo with Anon as the main attraction.

Be warned:

If you find yourself getting angry (or god forbid, agreeing) with something Anon has said, you might be doing it wrong.

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] lmmarsano@lemmynsfw.com 1 points 4 hours ago* (last edited 4 hours ago)

Nah, password authentication or anything that transmits the full shared, secret is beyond primitive. Passkeys, client certificates, OTP never transmit the secret key. With passkeys & client certificates, the server never has the secret key, so it can't expose it.

Problems due to phone loss indicate bad practices. Any decent password manager or vault service can manage cryptographic credentials of any kind.