this post was submitted on 12 Jun 2023
20 points (100.0% liked)
Technology
37742 readers
492 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
One thing that definitely worries me with federation in general is the barrier to entry to hosting an instance is low, by design. On one hand this is great, but on the other hand it means just about anyone can spin up an instance and collect usernames, passwords, emails, etc. from anyone who signs up
I know this is obviously no better than an single giant corporation who can do that. But it's interesting to think about.
I'm definitely not suggesting kbin.social is doing this by the way. Your post just spurred this thought for me
I am once again reminded of the always relevant XKCD comic
I do see and understand the concern, and honestly, I don't see a way around it. At some point, you have to supply some information to access services, especially if you want any sort of customization to your experience. I guess if you are really concerned about it, don't use that email/password/username combo anywhere else.
Edit: Apologies, I am still figuring out how formatting works here.
People should be using a password manager in 2023. No password reuse if you automatically generate new 20+ character passwords for each website or service you use.
Agreed. I use 1Password and love it.
I use Bitwarden, thinking about deploying a local copy of Vaultwarden as a backup as well. I’d be in trouble if access to Bitwarden’s servers went down.