• 0 Posts
  • 12 Comments
Joined 2Y ago
Cake day: Jun 22, 2023



Onboarding new users securely is in the forefront of most minds in my industry because the current standard is a 12 word phrase written on paper, which most users throw in a cloud solution or screenshot.

The stakes are even higher in crypto where you’re protecting, without recourse, large sums of value. Passkeys are a critically needed solution for my industry. But they need to be coupled with a social or offline storage recovery mechanism.


I agree 100%. As mentioned, I rarely share my approach and I’ll be deleting that comment in a bit. It works well for me.

No hacker is attempting to decode the password algorithm because they don’t know of its existence on my logins, and they have thousands of better ways to go - as you said.


I’m of the mindset that locally stored keys and/or social solutions are better than throwing all passwords in a single place.

All passwords for large amounts of people in a single place is begging for a break-in.

I spend a lot of time studying solutions in this space as I’m a long time crypto solutions dev. Lots of ideas and discussions to be had.

I’m not disagreeing with you, just having a dialogue.


One doesn’t have to remember dozens. Just a basic algorithm for deriving it from the name of the site. Complex enough that it’s not obvious looking at a couple passwords but easy to remember.

This method works for me. I understand its dangers (can still correlate a dozen passwords and figure out the algo). But it’s my current approach. I hate even discussing it since obscurity helps.


I use a different password for every site tho. Using same pw for every site, that’s another extreme entirely.


But does their advantage in security overcome the fact that they’re a much larger target?

It’s similar to how money under a pillow could be safer than money in the bank; depending on who you are.


Yeah the pedo comment was nasty. He was just spouting off because he got his feelings hurt, I can relate to that. He is human and followed up with an apology.

I have made the mistaken assumption – and I will attempt to be better at this – of thinking that because somebody is on Twitter and is attacking me that it is open season. That is my mistake. I will correct it.

I have no clue the story with spreading covid lies. So much covid info was and still is very unknown. I’ve seen unintentional lies spread from big names on both sides on that.

I’m not saying the man is a saint, but hot damn I’d personally go after any politician for being a shitty human before I went after Elon.


Yes. Scroll to the bottom of the article. The ads all look like related stories (“sponsored content” section on verge). That’s how most sites do it too, and actually most are way worse and look more like related news without any sponsored content indication.

It’s nothing new. It’s as normal as google putting sponsored ads as the first page of results, which look like search results and also can’t be blocked or reported.


Bad at what? I’m not quick to be so black and white in a gray world, and at the same time I don’t really care one way or the other. But it’s annoying to constantly hear complaints about things related to him when everyone else does the same shit.


The article linked also has ads I can’t block or report. This is just more “rocket man bad” crap.