this post was submitted on 13 Jun 2023
26 points (100.0% liked)
Technology
37801 readers
189 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Sites don't store passwords, they store password hashes. There is no reason to give any personal info you aren't comfortable giving. You can use the site just fine without posting any
Hacking an account is still a valid concern though for various reasons , and hashes can still be used against password lists. Additionally, Two factor authentication is a necessity for sure. Now don’t get me wrong, I completely understand this feature is coming and that this is a developing service but many of these concerns do seem valid to me.
Let's assume you're doing the best practice thing and using a long and unique password for each service you use.
What benefit does a hacker have hacking your lemmy-based account? Considering that everything you post is public... There's simply nothing of value that you would obtain by "hacking" an account here... The only thing I can think of is if your a moderator of a community or an admin of an instance.
I just don't see any value to it... But even then.. 2fa is slated for v0.18 which is probably coming out in the next few weeks.
Only basic TOTP 2FA though. Webauthn/FIDO2 should be coming in the future though.
Mostly thinking impersonation, spamming, deletion or modification of history…. Although I’m sure there are probably other reasons too.
What makes you think large social media platforms don't have these exact problems? Because they definitely do.
This software being open source will hopefully make it more secure one day than even things like twitter. This is because everyone can see and inspect the source code and try to find vulnerabilities. When they are fixed then (hopefully) all of the instances get updated. It's what helps make Linux generally more secure than Windows.
It seems to me you don't see the value in open source platforms like this. If this is true then fair enough. Just don't come crying to me when reddit does something you don't like.