frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

Building an AI legal companion for domestic and sexual violence survivors

https://apps.apple.com/us/app/lea-by-legali-ai/id6759547127?see-all=reviews&platform=iphone
1•irawati_puteri•50s ago•1 comments

Volkswagen to Slash Half Its Models as Sales Fall

https://www.nytimes.com/2026/07/09/business/volkswagen-china-sales.html
1•bookofjoe•1m ago•1 comments

Stack Rankings: A Comprehensive Guide

https://www.thehumancapitalhub.com/articles/stacked-rankings-a-comprehensive-guide
1•akkartik•4m ago•0 comments

Can A.I. Keep a Parent Alive?

https://www.newyorker.com/news/as-told-to/can-ai-keep-a-parent-alive
1•petethomas•8m ago•0 comments

Study: "Mommy, do you love your phone more than me?"

https://www.frontiersin.org/journals/psychology/articles/10.3389/fpsyg.2026.1766665/full
1•hbcondo714•13m ago•0 comments

Show HN: I built a free app for New Yorkers to save money on groceries

https://sbnyc.app/
2•eli_yumnik•15m ago•0 comments

Fraym – AI that creates product demo videos for you

https://tryfraym.com
1•jrud•16m ago•0 comments

Just shipped rate limiting for hypersonic.js

https://github.com/hypersonic-js/hypersonic-js
1•joaquim_d•16m ago•1 comments

What will define Elon Musk's legacy? DOGE cuts to USAID Ebola programs

https://www.theguardian.com/technology/2026/jul/07/elon-musk-doge-cuts-usaid-ebola
4•tastyface•18m ago•1 comments

We cannot wait for better post-quantum signature algorithms

https://blog.cloudflare.com/ml-dsa-will-have-to-do/
2•mappu•21m ago•0 comments

Cleveland Fed's Hammack says AI could fuel inflation, rate hikes may be needed

https://www.cnbc.com/2026/06/30/cleveland-fed-president-hammack-sees-ai-fueling-inflation-says-ra...
3•mapping365•22m ago•0 comments

The 'Father of the Internet' is finally retiring

https://techcrunch.com/2026/06/30/the-father-of-the-internet-is-finally-retiring/
2•compiler-guy•26m ago•0 comments

Surgeons face higher infertility rates. UC may make it even harder to have kids

https://sfstandard.com/2026/07/09/ucsf-surgical-residents-fertility-benefits-occupational-hazard/
2•littlexsparkee•28m ago•1 comments

Warsh picks ex-BoE chief Mervyn King and tech boss Marc Andreessen to reform Fed

https://www.ft.com/content/e45a34e0-cd96-4b72-9ff3-380efc28a705
1•JumpCrisscross•30m ago•0 comments

Ukraine: How a kamikaze drone partially AI operated is attacking Russian convoys

https://www.france24.com/en/europe/20260601-ukraine-kamikaze-drone-partially-operated-ai-attackin...
1•rawgabbit•34m ago•0 comments

Total Construction Spending: Manufacturing in the United States

https://fred.stlouisfed.org/series/TLMFGCONS
1•mooreds•36m ago•0 comments

Show HN: Fortress – a stealth Chromium so your agents stop getting blocked

https://tilion.dev
5•arhamislam5766•38m ago•0 comments

Ask HN: What are you running locally on your machine with LLMs?

2•agcat•39m ago•1 comments

Goldman Sachs limits prediction market betting for employees

https://www.ft.com/content/7a2a3200-763f-4141-8372-f2f6afba521d
7•petethomas•39m ago•0 comments

Can you guess what percentage of the lines in OpenClaw were contributed by Pete?

https://www.reddit.com/r/PrincipalAi/s/fzWPLHanBs
1•fernando-ram•41m ago•1 comments

Brown says AI make student brain no work good, teacher should help use it better

https://www.theregister.com/ai-and-ml/2026/07/09/brown-says-ai-make-class-dumb-teacher-must-help-...
1•Bender•42m ago•0 comments

Ingit – Git GUI that runs in the browsers

https://github.com/capaj/ingit
2•Capaj•42m ago•3 comments

Patch for Windows Defender 0-day could allow attackers to fill hard disk

https://arstechnica.com/security/2026/07/patch-for-windows-defender-0-day-could-allow-attackers-t...
1•Bender•42m ago•0 comments

Michigan's explosive outbreak of diarrheal parasite jumps to over 1,200 cases

https://arstechnica.com/health/2026/07/michigans-explosive-outbreak-of-diarrheal-parasite-jumps-t...
9•Bender•43m ago•0 comments

Qubits can be cloned at will if encrypted with a single-use key

https://arxiv.org/abs/2602.10695
2•lisper•43m ago•0 comments

The Version Number Is Not the Territory

https://thebuild.com/blog/the-version-number-is-not-the-territory/
2•Shorn•43m ago•1 comments

The OpenClaw Foundation: Reining in a Viral AI Agent

https://techstrong.ai/articles/the-openclaw-foundation-reining-in-a-viral-ai-agent/
1•CrankyBear•43m ago•0 comments

Collapse of AMOC ocean current may be locked in

https://www.newscientist.com/article/2533017-collapse-of-amoc-ocean-current-may-already-be-locked...
3•Anon84•44m ago•0 comments

No Boss, No Money: The Raw Reality of China's Gen-Z Freelancers [video]

https://www.youtube.com/watch?v=eJZFUEQebbI
1•binyu•45m ago•0 comments

The OpenClaw Foundation

https://openclaw.ai/blog/introducing-openclaw-foundation
2•hrudolph•52m ago•0 comments