frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

Show HN: Schwifty – quickly find and reuse previously executed commands

https://github.com/vanesterik/schwifty
1•bakkerinho•3m ago•0 comments

Elon Approves

https://imgur.com/gallery/De7pvyG
2•stocazzoefwefwe•6m ago•0 comments

The Day Cryptography Changed Forever

https://21ideas.org/en/gf/genesis-intro/
1•kehiy•6m ago•0 comments

How little exercise can you get away with?

https://www.economist.com/science-and-technology/2026/07/03/how-little-exercise-can-you-get-away-...
2•vinni2•7m ago•0 comments

What Is Project Aion? Inside Microsoft's Agentic Copilot OS

https://www.windowscentral.com/microsoft/windows-11/project-aion-copilot-os-faq
1•atan2•10m ago•0 comments

Is 'The College Board' a Nonprofit or a $1.6B Testing Monopoly?

https://www.forbes.com/sites/scottwhite/2025/05/26/the-college-board-exposed-nonprofit-or-16-bill...
1•Baljhin•12m ago•0 comments

Matrix Multiplication on Blackwell

https://www.modular.com/blog/matrix-multiplication-on-nvidias-blackwell-part-1-introduction
1•skidrow•13m ago•0 comments

Toward Better Hip Kernel Generation for AMD GPUs

https://scalingintelligence.stanford.edu/blogs/hipkernels/
1•skidrow•13m ago•0 comments

Show HN: Nimbus - open-source AI agent that operates your AWS and GCP

https://github.com/hritvikgupta/nimbus
1•hritvik29•13m ago•0 comments

Full Writeup of the Windows GDID

https://github.com/SmtimesIWndr/gdid-reversal
2•typeofhuman•14m ago•0 comments

CubeSandbox

https://github.com/tencentcloud/CubeSandbox
1•handfuloflight•15m ago•0 comments

Liftz: Your Gym Buddy

https://apps.apple.com/in/app/liftz-your-gym-buddy/id6779775357
1•linkesh•16m ago•0 comments

Jim's TrueType QR Code Font

https://github.com/jimparis/qr-font
1•gpvos•17m ago•1 comments

Show HN: Autoops – Multi-region data and service mesh operated by a Makefile

https://github.com/neospe/autoops
1•leschak•17m ago•0 comments

The Junior Developer Extinction: 67% Hiring Collapse Reshaping Tech Careers

https://hakia.com/news/junior-developer-crisis-2026/
2•panny•18m ago•0 comments

xAI makes its rebrand to SpaceXAI complete with a new logo

https://www.businessinsider.com/xai-rebrand-spacexai-new-logo-x-handle-spacex-2026-7
2•enlightpixel•19m ago•0 comments

Making a wazuh server in Python from scratch for fun and maybe profit

https://medium.com/@souzo/making-a-wazuh-server-in-python-from-scratch-for-fun-and-maybe-profit-c...
1•souzo•19m ago•0 comments

Current ListenBrainz server issues/high load, Part 2

https://blog.metabrainz.org/2026/07/06/current-listenbrainz-server-issues-high-load-part-2/
2•max-m•21m ago•1 comments

Show HN: Noriento – Train your sense of direction

https://noriento.com/
2•markoberkes•21m ago•0 comments

Show HN: Aestheticscience.net – A website for rating academic papers

https://aestheticscience.net/
3•pswjt•22m ago•0 comments

New app for Harry Potter fans

2•IDIRIS•23m ago•1 comments

How are you measuring Claude Code and Codex performance?

2•achalpandey•24m ago•1 comments

How ChatGPT Picks Sources (I Read the Network Traffic, Not the Outputs)

https://suganthan.com/blog/how-chatgpt-picks-sources/
2•trusche•26m ago•0 comments

Google Apps Script is now a Google Workspace core service

https://workspaceupdates.googleblog.com/2026/06/google-apps-script-workspace-core-service.html
2•kamphey•27m ago•0 comments

Kennel – Keep Your AI Agents Running Between Tasks

https://github.com/eranif/kennel
2•SableDb•28m ago•0 comments

Show HN: Free keyword search volume data

https://www.seodata.dev/
3•alentodorov•30m ago•0 comments

Look mom, no ADCs Scaling ML analog compute to 1000x lower energy than digital

https://sangota.substack.com/p/analog-can-scale-heres-how
2•sango_ta•31m ago•0 comments

x.ai Voice Agent Builder

https://x.ai/voice
2•dawie•32m ago•1 comments

Attribute Knowledge RAG Pattern for Governed AI Agents

https://superml.dev/attribute-knowledge-rag-pattern-llm-governed-attributes
2•bps1418•35m ago•0 comments

Titan's Resources and Their Utilization

https://arxiv.org/abs/2606.06608
5•bookofjoe•37m ago•1 comments