“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

  • funkless_eck@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    21
    ·
    2 months ago

    I work for multiple organizations. The majority of which have a Google sheet with their passwords in that are

          c0mpanyname2018! 
    

    Those that aren’t are

           pandasar3cute123? 
    
    • Echo Dot
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      2 months ago

      At one point the organization I work for had a password that was literally Password-022!, guess what it was the following month?

    • Prison Mike@links.hackliberty.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      I had to start hashing passwords and sending it to the haveibeenpwned API.

      I also fight with my users over data normalization because any time I add some rule (like don’t put “SO#” as part of the value of the “SO#” field), they’re too stupid to realize the point and find some other “hack” around it.