frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

12-year-old founds AI-powered receptionist business

https://www.businessinsider.com/gen-alpha-founder-ai-receptionist-small-businesses-young-geniuses...
1•ajdude•3m ago•0 comments

Chinese CZ-10B rocket booster is caught by cables in successful landing

https://twitter.com/raz_liu/status/2075526859941691886
1•LorenDB•5m ago•0 comments

NEO's Hands – An API to the Physical World

https://www.1x.tech/discover/neos-hands
1•migueloller•5m ago•0 comments

Ryanair Passenger Sucked Toward Broken Window After Midair Engine Failure

https://simpleflying.com/ryanair-thessaloniki-diversion-window-damage/
1•amelius•5m ago•0 comments

Predict AI's impact on creativity by studying what Python did to programming

https://old.reddit.com/r/Lightbulb/comments/1usl6bv/idea_predict_ais_impact_on_writing_and_creati...
1•amichail•8m ago•0 comments

Show HN: Mojave Paint for macOS, edit images like it's 1999

https://mojavepaint.app/
2•jpsimons•8m ago•0 comments

Test

https://news.ycombinator.com/submit
1•alex20465•9m ago•0 comments

GitSwitch – Manage multiple GitHub accounts without SSH config headaches

https://www.npmjs.com/package/@yinklylab.dev/gitswitch
1•lexico4real•9m ago•0 comments

MCP Server on Edge Compute 167 Lines of Python

https://lowlatencyclub.ai/blog/posts/edge-mcp-server-deploy-python
1•harpreetseehra•10m ago•0 comments

The Night Feeling

https://cleberg.net/blog/the-night-feeling.html
1•meysamazad•10m ago•0 comments

Terraforming Mars: Mass, Forcing, and Industrial Throughput Constraints

https://arxiv.org/abs/2603.00402
1•iljah•12m ago•0 comments

How I'm using CSS View Transitions on this blog

https://blog.omgmog.net/post/how-im-using-css-view-transitions-on-this-blog/
2•meysamazad•12m ago•0 comments

JellyFil ReviEwS (2026): We Tried It My Honest Review

https://gamma.app/embed/JellyFil-ReviEwS-2026-We-Tried-It-My-Honest-Review-1w1wv6vumlzptys
1•taqihays•12m ago•0 comments

The future of work: AI, juniors, and expectations

https://www.zeitgeistofbytes.com/p/the-future-of-work-ai-juniors-and
1•meysamazad•12m ago•0 comments

Tlbic v8.0 Appendix: Examining Bottom-Up Governance

https://drive.google.com/file/d/1cmTacZ9ruEVEr7I8ZEuzJ7od-7Yx40t-/view?usp=drive_link
1•michikawa59•17m ago•1 comments

OpenClaw vs. KiloClaw vs. Hermes Agent

https://3hcloud.com/blog/openclaw-vs-kiloclaw-vs-hermes-agent
1•Liriel•19m ago•0 comments

Xring: Crashing XQUIC with spec-compliant QPACK instructions

https://foxio.io/blog/xring-crashing-xquic-with-spec-compliant-qpack-instructions
2•PranaFlux•20m ago•0 comments

Promise Theory

https://en.wikipedia.org/wiki/Promise_theory
1•dmonay•21m ago•0 comments

Why Europe's tech ecosystem collapses in simulation (a causal-loop analysis)

https://hebelai.substack.com/p/why-europes-tech-ecosystem-collapses
2•bastbuch•24m ago•0 comments

Negative squaring – pre-tilted 3-bit quantization beat naive 4-bit

https://github.com/elpinyeknom/negative-squaring-/tree/main
1•faDOOM•27m ago•0 comments

Show HN: Airline pilot's interactive guide to aviation radio

https://jameshard.ing/posts/aviation-radio/
1•jamesharding•31m ago•4 comments

Ask your data in plain English

https://tablitsa.app/blog/ask-your-data-in-plain-english
1•valerko•32m ago•0 comments

Nearly half of U.S. retail spending comes from top 10% of earners

https://www.marketplace.org/story/2025/09/17/top-10-of-earners-make-up-half-of-us-retail-spending
2•akyuu•32m ago•0 comments

EasyJet is essential British travel infrastructure

https://revman.substack.com/p/easyjet-is-essential-british-travel
1•edward•32m ago•0 comments

Pgrust – Postgres, Rewritten in Rust

https://pgrust.com/
2•jonbaer•34m ago•0 comments

A Committee of Identical Agents Is Still One Mind

https://bugmedaily.substack.com/p/a-committee-of-identical-agents-is
1•enesunal•35m ago•0 comments

Comparing ML models in small molecule drug discovery

http://fbdd-lit.blogspot.com/2026/04/comparing-ml-models-in-small-molecule.html
1•surprisetalk•37m ago•0 comments

Late Bronze Age Collapse

https://acoup.blog/2026/01/30/collections-the-late-bronze-age-collapse-a-very-brief-introduction/
2•dmonay•37m ago•0 comments

Codex Chronicle

https://learn.chatgpt.com/docs/customization/chronicle
1•dmonay•38m ago•0 comments

Show HN: MCP Gateway – Turn existing APIs and databases into MCP servers

https://swaggertomcp.com
1•mhmt_dmr•39m ago•0 comments