Our passwords are screwed because the companies that store them can’t be bothered to secure them. All of this could be solved with a regulation that every compromised account means the user is owed $500.
But of course the contributors to the NYTimes can’t find fault with businesses, instead scolding customers that they’re not protecting the data that they didn’t want collected and the credentials and credit scores we didn’t ask for either.
Nobody is going to steal your identity; they’re stealing credentials that you didn’t ask for, do not benefit from, and have no control over how they’re stored or maintained.
I’d say $50k - make THAT risk really hurt.
There’s no excuse for the crap we have today. Every enterprise I’ve worked in since the mid-90s has had strong password policy and controls.
NYT helping Anthropic overhype their new model
Insert “Always have been” meme here.
Question for the smarter/more experienced people than me, would a hardware key help with this sort of thing? I know they’re not available everywhere and you essentially need two (or like a safe with your backup password), but I’m curious if those are just like… better.
It depends on what you mean by better. A hardware token, unlike a passkey, isn’t tied to any specific device, but both a device and a hardware key can be lost. Also, not every platform supports them, but I know YubiKeys at least can usually be used with their own authenticator app in those cases.
Ideally, each account should be secured by multiple different factors. A passkey and a hardware token are both things you have; a biometric is something you are. It’s usually better to use one from each category (i.e. a biometric plus hardware token), rather than two of the same (hardware token plus passkey).
Of course, there still are ways around MFA, such as session and token hijacking (basically why you want to be very careful when using single sign-on, or SSO, as well as the “remember me” button). Artificial intelligence models will only make these types of attacks, as well as many others, easier.


