mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

8.4K
active users

#authenticate

0 posts0 participants0 posts today
adingbatponder<p>Tying to fix my parents' in law's apple stuff. They cannot access the appstore on their <a href="https://fosstodon.org/tags/iphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iphone</span></a> (running under an appleID), to get an app, because the <a href="https://fosstodon.org/tags/appstore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appstore</span></a> app wants an appleID / <a href="https://fosstodon.org/tags/apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>apple</span></a> account <a href="https://fosstodon.org/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> - which they no longer know. They can log into their <a href="https://fosstodon.org/tags/macbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macbook</span></a> as a user (same appleID) with their mac_book_user_password<br>Do I understand it correctly:<br>they can choose a new <a href="https://fosstodon.org/tags/appleid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appleid</span></a> <a href="https://fosstodon.org/tags/appleaccount" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appleaccount</span></a> password (to a access the appstore etc.) using the mac_book_user_password to <a href="https://fosstodon.org/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> ?</p>
abuse.ch :verified:<p>📢 Reminder: Rate limits have been introduced for excessive API queries from unauthenticated users to keep the platforms running smoothly for everyone. </p><p>If you experience issues <a href="https://ioc.exchange/tags/Authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authenticate</span></a> – it’s quick, easy to do, and helps ensure the platforms are stable for all.</p><p> <a href="https://ioc.exchange/tags/SteadyPlatform" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SteadyPlatform</span></a> <a href="https://ioc.exchange/tags/SteadySignals" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SteadySignals</span></a> 🧘</p>
AzureCerulean<p>### <a href="https://4bear.com/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudflare</span></a> open sources <a href="https://4bear.com/tags/OPKSSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OPKSSH</span></a> to bring Single Sign-On <a href="https://4bear.com/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> to <a href="https://4bear.com/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a></p><p>This week, it was officially open-sourced under the umbrella of the <a href="https://4bear.com/tags/OpenPubkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPubkey</span></a> project, itself became a <a href="https://4bear.com/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> Foundation open-source initiative in 2023, OPKSSH remained closed-source until now. Making it easy to <a href="https://4bear.com/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> to <a href="https://4bear.com/tags/servers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>servers</span></a> over SSH using <a href="https://4bear.com/tags/OpenID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenID</span></a> Connect (<a href="https://4bear.com/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a>), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access.</p><p><a href="https://www.helpnetsecurity.com/2025/03/28/opkssh-sso-ssh/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/03/28</span><span class="invisible">/opkssh-sso-ssh/</span></a></p>
Tommi Nieminen<p>Jos <a href="https://mastodontti.fi/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2FA</span></a>-tunnistautumisessa pyrkii eroon amerikkalaisista <a href="https://mastodontti.fi/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a>'n ja <a href="https://mastodontti.fi/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a>'in <a href="https://mastodontti.fi/tags/Authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authenticate</span></a>-sovelluksista, mikä olisi suositus? <a href="https://mastodontti.fi/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> toiveissa. <a href="https://mastodontti.fi/tags/atkjuttuja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>atkjuttuja</span></a></p>
abuse.ch :verified:<p>Make sure you're authenticated to awaken new features and 🕵️‍♂️ hunting capabilities within our platforms. Will you authenticate and embrace the power? 🧑‍💻⚡</p><p>Remember: The time has come to limit query volumes for unauthenticated users that query the platforms excessively. Let’s keep them running smoothly for everyone 🟢 - there's no need to hammer the platforms, even if you are authenticated!</p><p><a href="https://ioc.exchange/tags/ItsComing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ItsComing</span></a> <a href="https://ioc.exchange/tags/NewHuntingPower" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NewHuntingPower</span></a> <a href="https://ioc.exchange/tags/BeReady" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BeReady</span></a> <a href="https://ioc.exchange/tags/Authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authenticate</span></a></p>
h o ʍ l e t t<p>→ Pairwise Authentication of Humans<br><a href="https://www.schneier.com/blog/archives/2025/02/pairwise-authentication-of-humans.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">schneier.com/blog/archives/202</span><span class="invisible">5/02/pairwise-authentication-of-humans.html</span></a></p><p>“Here’s an easy system for two humans to remotely authenticate to each other, so they can be [more confident] that neither are digital impersonations.”</p><p>PeerAuth → <a href="https://ksze.github.io/PeerAuth/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ksze.github.io/PeerAuth/</span><span class="invisible"></span></a></p><p><a href="https://mamot.fr/tags/Pairwise" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pairwise</span></a> <a href="https://mamot.fr/tags/humans" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>humans</span></a> <a href="https://mamot.fr/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> <a href="https://mamot.fr/tags/impersonations" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>impersonations</span></a> <a href="https://mamot.fr/tags/PeerAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PeerAuth</span></a></p>
xoron :verified:<p><span class="h-card" translate="no"><a href="https://infosec.space/@kkarhan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kkarhan</span></a></span> </p><p>thanks for the reply! far from being discouraged, i appriciate your engagement. i will try to be reasonably brief in my reponse to your points and give a general update on progress and objective.</p><p>&gt; scout out existing solutions</p><p>i have seem similar <a href="https://infosec.exchange/tags/webapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webapp</span></a> implementation, i think so far for "that kind" of chat app, the chat app is able to demonstrate similar basic functionality. for a wider adoption, the user interface needs to be more appealing, but i think its important to have a working proof-of-concept first. the project is specifically aiming to be a <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://infosec.exchange/tags/localFirst" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localFirst</span></a> <a href="https://infosec.exchange/tags/webapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webapp</span></a>.</p><p>a couple notable similar implementation to mine are:<br>- <a href="https://github.com/cryptocat/cryptocat" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/cryptocat/cryptocat</span><span class="invisible"></span></a><br>- <a href="https://github.com/jeremyckahn/chitchatter" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/jeremyckahn/chitcha</span><span class="invisible">tter</span></a><br>(im sure there are many more, but i think my approach is yet different and unique to the ones i've come across.)</p><p>&gt; DO NOT DIY ENCRYPTION!</p><p>this is indeed a reccomended practice i have seen several times. here is a previsous reddit post on the matter: <a href="https://www.reddit.com/r/cryptography/comments/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reddit.com/r/cryptography/comm</span><span class="invisible">ents/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm</span></a> ... tldr; the underlying implementation provided by the browser is the best way to go. i have implemented the <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> using the <a href="https://infosec.exchange/tags/webcrypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webcrypto</span></a> <a href="https://infosec.exchange/tags/api" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>api</span></a>. i aim to not use a library for this. </p><p>i generally try to word things in a way that users can provide feedback on features. the app is still in a very early stage, but has a reasonable amount of features. im generally open to requests and questions.</p><p>&gt; minimum viable product</p><p>what you see as the chat app is also the <a href="https://infosec.exchange/tags/minimum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>minimum</span></a> <a href="https://infosec.exchange/tags/viable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>viable</span></a> <a href="https://infosec.exchange/tags/product" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>product</span></a>. i think its sufficiently demonstrates the basic functionality of a chat app. i think the next step is to make the app more stable and user friendly.</p><p>those other apps youve mentions ive come across before. what sets my approach apart is that mine it's purely a webapp. with what id like to describe as <a href="https://infosec.exchange/tags/p2p" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>p2p</span></a> <a href="https://infosec.exchange/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> over <a href="https://infosec.exchange/tags/webrtc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webrtc</span></a>, im able to remove reliance on a backend for <a href="https://infosec.exchange/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> <a href="https://infosec.exchange/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a> <a href="https://infosec.exchange/tags/connections" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>connections</span></a>. in some cases, bypass the internet (wifi/hotspot). while there are several ways to <a href="https://infosec.exchange/tags/selfhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhost</span></a>, in this approach of a <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> implementation, im able to store large amounts of data in the browser so things like images and <a href="https://infosec.exchange/tags/encryptionKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryptionKeys</span></a> can be <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a>" in the browser. while this form has nuanced limitations, it also has interesting implications to security and privacy.</p><p>there are many nice features from the different apps you mentioned and i think i have some unique features too. the bottle neck in this project is that i dont put in enough time to the app.</p><p>&gt; feel free to slowly ibtegrate them.</p><p>this is basically already my approach to get the app to where it is now.</p><p>thanks for the luck, take care and i hope you stay tuned for updates.</p>
Royce Williams<p>If anyone is at Authenticate and spots some unusual models or colors of security keys not shown here, or stickers or other ephemera... photos or samples appreciated! :D</p><p><a href="https://infosec.exchange/tags/Authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authenticate</span></a> <a href="https://infosec.exchange/tags/Authenticate2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authenticate2024</span></a></p>
eicker.news ᳇ tech news<p>»<a href="https://eicker.news/tags/Threads" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Threads</span></a> says it will make its <a href="https://eicker.news/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a> broadly available by June: The API currently allows users to <a href="https://eicker.news/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a>, <a href="https://eicker.news/tags/publish" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>publish</span></a> threads and <a href="https://eicker.news/tags/fetch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fetch</span></a> the content they post through these tools.« <a href="https://techcrunch.com/2024/03/01/threads-says-it-will-make-its-api-broadly-available-by-june/?eicker.news" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2024/03/01/thre</span><span class="invisible">ads-says-it-will-make-its-api-broadly-available-by-june/?eicker.news</span></a> <a href="https://eicker.news/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://eicker.news/tags/media" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>media</span></a></p>
David Bremner<p>Recently several <a href="https://mathstodon.xyz/tags/Canadian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canadian</span></a> organizations have asserted to me that typing my name into web form constitutes a "Digital Signature". Are they just making shit up, or is there any <a href="https://mathstodon.xyz/tags/legal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>legal</span></a> validity to this idea? I guess it's similar to clicking an "I agree" button. In the first case I was authenticated to my university's sketchy web <a href="https://mathstodon.xyz/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> (they all seem sketchy to me). The second case was even more dubious, as I was renewing my driver's license, and all of the information used to <a href="https://mathstodon.xyz/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> is on the license card.</p>
Nicolas Fränkel 🇺🇦🇬🇪<p>Securely <a href="https://mastodon.top/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> to <a href="https://mastodon.top/tags/GoogleCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoogleCloud</span></a> from <a href="https://mastodon.top/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> <a href="https://blog.frankel.ch/authenticate-google-cloud-github/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.frankel.ch/authenticate-g</span><span class="invisible">oogle-cloud-github/</span></a></p><p><a href="https://mastodon.top/tags/fromthearchives" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fromthearchives</span></a></p>
Geekmaster 👽:system76:<p>If you use <a href="https://ioc.exchange/tags/biometric" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>biometric</span></a> means for <a href="https://ioc.exchange/tags/commercial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>commercial</span></a> purposes, not just a way for your employees to <a href="https://ioc.exchange/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> to company devices/facilities, the <a href="https://ioc.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FTC</span></a> is putting you on notice. Only 3 states (as of today) have <a href="https://ioc.exchange/tags/Biometric" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biometric</span></a> <a href="https://ioc.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://ioc.exchange/tags/Laws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Laws</span></a> in place - more than a dozen are working on <a href="https://ioc.exchange/tags/legislation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>legislation</span></a> now. The <a href="https://ioc.exchange/tags/ADPPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ADPPA</span></a> will have provisions for Biometric Privacy with regards to commercial use, but that's probably 12-18 months out (at least) from becoming a law. Check this article out. <a href="https://ioc.exchange/tags/Illinois" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Illinois</span></a> isn't playing around: <a href="https://www.scmagazine.com/news/identity-and-access/ftc-to-crack-down-on-biometric-tec[…]GxNNIwwXOzak6aUeaAfVN26zQDToKa3VkfI6YAs3wvdfv-Woge99JpOxqlA" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">scmagazine.com/news/identity-a</span><span class="invisible">nd-access/ftc-to-crack-down-on-biometric-tec[…]GxNNIwwXOzak6aUeaAfVN26zQDToKa3VkfI6YAs3wvdfv-Woge99JpOxqlA</span></a></p><p><a href="https://ioc.exchange/tags/PrivacyLaws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyLaws</span></a> <a href="https://ioc.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://ioc.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntelligence</span></a> <a href="https://ioc.exchange/tags/WatchYourAsses" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WatchYourAsses</span></a> <a href="https://ioc.exchange/tags/BreachNotificationRule" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BreachNotificationRule</span></a></p>
🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>I decided to implement <a href="https://mas.to/tags/WebAuthN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebAuthN</span></a> to <a href="https://mas.to/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> on my site.</p><p>This is my first time using the navigator.credentials <a href="https://mas.to/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a>. Anyone got any good articles or tips for me? </p><p><a href="https://mas.to/tags/webDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webDevelopment</span></a> <a href="https://mas.to/tags/webDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webDev</span></a> <a href="https://mas.to/tags/frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>frontend</span></a> <a href="https://mas.to/tags/credentials" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>credentials</span></a> <a href="https://mas.to/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web</span></a> <a href="https://mas.to/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browser</span></a> <a href="https://mas.to/tags/auth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>auth</span></a> <a href="https://mas.to/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> <a href="https://mas.to/tags/login" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>login</span></a></p>
EINGFOAN :donor:<p>Is there an easy way how to <a href="https://infosec.exchange/tags/authenticate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authenticate</span></a> <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> with <br><a href="https://infosec.exchange/tags/azureMFA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>azureMFA</span></a> via <a href="https://infosec.exchange/tags/azuread" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>azuread</span></a></p>