Xml has entered the chat

Who needs a license when there’s massgravel/MAS

It’s like enabling https on your website with a self-signed certificate. Cool but worthless as an indication of validity to anyone but yourself.

I need a source on that knife, where can I buy it.

The lemmings in the film were actually purchased from Inuit children, transported to the filming location in Canada and repeatedly shoved off a nearby cliff by the filmmakers to create the illusion of a mass suicide.

Yo wtf

Our dishwasher has the option to reset the currently selected program but it has to take a minute to do so with the machine closed always. So you’d press start, realise you selected the wrong program and, even though nothing changed except software, still have to close it for a minute.

Installing GPU drivers :). Bonus if you need to use CUDA on top of that

Using that logic this includes commuting, as that is also not free time spent as desired.

Aside from platform agnostic password managers having support for it as a commenter below pointed out you can also save it on a physical “hardware security key” (e.g. yubikey). Technically this should be the best option as there is no way for anyone to steal your passkeys unless they physically take apart your hardware key (and there’s even keys that have additional protections that make it impossible to take apart without destroying it).

However every single platform really pushes people towards using their own solution. So only their solution is neatly integrated in their platform and also preselected when you save a passkey. But all in all those are rather small hurdles for the security a hardware key gives.

I’d like to do the same, but atm I use nginx to serve all the web interfaces… And keycloak support is either a plus subscription feature or made to work with hacky Lua scripts.

So for now it’s security through obscurity, I got a wildcard cert and the pages are accessed based on subdomain. So afaik nobody has a clue unless they start iterating common subdomain names. (At some point™️ I’m adding proper auth though)

In Belgium mostly the only time you’ll see anyone with the flag on some piece of clothing is at some international (sports) event.

To maintain my privacy I proxy it though :)

To be fair for now it’s only used to access some admin portals for services I got running (Arr stack, syncthing, etc). The main domain isn’t even mapped (so gives 404), though at some point that might become a portfolio website.

Seeing as my homelab domain is literally {first name}{last name}.{country I live in} I didn’t really care :P

Use it on your phone, duh :P

Jokes aside I wish windows supported pin+hardware key to log in… But alas that’s an enterprise only thing.

Instructions unclear, booted tails from usb

Being born there is the first step to becoming terrorist scum, they had it coming!

/s just in case if that wasn’t obvious

It’s sad that this is the best option for y’all.

For that particular website yes, but a salted client side hash is worthless on a different website.

Edit: plus even unsalted it would only work if the algorithm is the same and less iterations are done

It helps against the server being able to read the password, so a bad actor (either the website itself or after a hack) could read your password. Which isn’t bad if you’re using good password hygiene with random passwords, but that sadly is not the norm.

Why would you not hash in the browser. Doing so makes sure the plaintext password never even gets to the server while still providing the same security.

Edit: I seem to be getting downvoted… Bitwarden does exactly what I described above and I presume they know more than y’all in terms of security https://bitwarden.com/help/what-encryption-is-used/#pbkdf2