frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

Huawei's telephoto lens identified a plane as a bird

https://xcancel.com/youy1qwq/status/2075444313132351828
1•robin_reala•2m ago•0 comments

One email to summarize all your emails

https://suminone.click/
1•evgy•5m ago•0 comments

We tried London's first driverless bus

https://www.londoncentric.media/p/londons-first-driverless-bus
1•BerislavLopac•8m ago•0 comments

We re living in a tick nightmare

https://www.nytimes.com/2026/07/11/opinion/ticks-disease-lyme-alpha-gal.html
1•yeknoda•9m ago•0 comments

I created a font called Ghost Font that only humans can read

https://twitter.com/ericlu/status/2075876651574210643
1•mcenedella•10m ago•1 comments

I miss post-internet art

https://spectator.com/article/i-miss-post-internet-art/
1•thinkingemote•12m ago•0 comments

Only 5L,If you want to take 5090 to college, Try this case – FE9 Build [video]

https://www.youtube.com/watch?v=McSLH-_unfk
1•ksec•12m ago•0 comments

Microsoft admits Windows 11 has a GDID tracker with no off switch

https://www.windowslatest.com/2026/07/10/you-cant-fully-disable-microsofts-gdid-windows-11-tracke...
4•GBiT•13m ago•0 comments

The crypto billionaires building a world where money buys you a vote

https://www.bbc.co.uk/news/articles/cly8eqyj8e2o
4•BerislavLopac•14m ago•0 comments

New York Times and Other Publishers Ask Court to Penalize OpenAI

https://www.nytimes.com/2026/07/09/technology/new-york-times-openai.html
2•1vuio0pswjnm7•17m ago•1 comments

Let's build a simple interpreter for APL – part 1

https://mathspp.com/blog/lsbasi-apl-part1
1•mpweiher•18m ago•0 comments

USAA closed 51% of home insurance claims without making a payment in 2025

https://www.expressnews.com/business/article/san-antonio-usaa-insurance-claims-rejected-22293061.php
3•gscott•18m ago•0 comments

Good Questions

https://www.economist.com/business/2026/07/09/the-secret-to-good-questions
1•andsoitis•18m ago•0 comments

40 Years of AVM/Fritz: From BTX Hobby Project to Router Icon

https://www.heise.de/en/news/40-Years-of-AVM-Fritz-From-BTX-Hobby-Project-to-Router-Icon-11357116...
1•sebastian_z•19m ago•0 comments

Dora Compliance for Email: Mapping Sender Authentication to Article 9-10-11

https://dmarcguard.io/blog/dora-email-authentication/
1•meysamazad•19m ago•0 comments

How the Rule-Breaking Octopus Is Rewriting the Evolution of Intelligence

https://nautil.us/how-the-rule-breaking-octopus-is-rewriting-the-evolution-of-intelligence-1282633
1•Brajeshwar•20m ago•0 comments

I was wrong about game development

https://mijndertstuij.nl/posts/i-was-wrong-about-game-development/
2•meysamazad•21m ago•0 comments

What I Expect from an Editor as a Programmer

https://plaindrops.de/blog/2026/programming/
1•meysamazad•21m ago•0 comments

How Does AI Work? [video]

https://www.youtube.com/watch?v=YmLp8qe87A0
1•luispa•23m ago•0 comments

Ask HN: My father died and I need to find my path

1•c4kar•23m ago•1 comments

Thomas Midgley Jr

https://en.wikipedia.org/wiki/Thomas_Midgley_Jr.
1•chistev•27m ago•0 comments

DoS Attack on Crates.io

https://status.crates.io/incidents/h2fxgl2jtc5q
2•garo-pro•29m ago•1 comments

PR Reminder Bot – Node.js tool that Slack-nags you about stale PRs

https://github.com/Enox77/pr-reminder-bot
1•Enox77•30m ago•0 comments

The world bank has ditched its climate targets

https://www.economist.com/finance-and-economics/2026/07/06/the-world-bank-has-ditched-its-climate...
1•andsoitis•30m ago•0 comments

Show HN: Agent OS – a local-first harness for reliable software agents

https://github.com/earthwalker17/agent-os
1•MonoEarthwalker•32m ago•0 comments

The largest available Minecraft world, totalling 15 TB

https://2b2t.place/1million
1•_____k•32m ago•0 comments

Litert.js, Google's High Performance Web AI Inference

https://developers.googleblog.com/litertjs-googles-high-performance-web-ai-inference/
1•simonpure•33m ago•0 comments

Can Nix Be a Better Arch Linux AUR?

https://grigio.org/can-nix-be-a-better-arch-linux-aur/
1•grigio•33m ago•0 comments

GitHub – PolymathicAI/The_well: A 15TB Collection of Physics Simulation Datasets

https://github.com/PolymathicAI/the_well/
1•bilsbie•36m ago•0 comments

Seaboard maker Roli fights to avoid second collapse

https://www.thetimes.com/business/companies-markets/article/seaboard-maker-roli-fights-to-avoid-s...
1•startupfreak•38m ago•0 comments