Readit News logoReadit News
dyml commented on Next month, saved passwords will no longer be in Microsoft’s Authenticator app   cnet.com/tech/microsoft-w... · Posted by u/ColinWright
Uvix · 2 months ago
Yes, other providers could theoretically import Bitwarden’s proprietary format. Bitwarden’s reference to a future release is regarding the standardized import/export of passkeys that is in development: https://fidoalliance.org/fido-alliance-publishes-new-specifi...
dyml · 2 months ago
I work at bitwarden and I can confirm this. While technically you have the data, any other app need to support our json format (which they totally can, our code is open source) - but CXP (the standard) is happening this year so we’re planning on using it.
dyml commented on Next month, saved passwords will no longer be in Microsoft’s Authenticator app   cnet.com/tech/microsoft-w... · Posted by u/ColinWright
dcow · 2 months ago
No, in this case it is actually an industry standard: https://fidoalliance.org/specifications-credential-exchange-...
dyml · 2 months ago
I worked on this standard and we’re all excited that it’s rolling out to most of not all password managers and platforms.
dyml commented on Bitwarden is turning 2FA on by default for new devices   bitwarden.com/help/new-de... · Posted by u/coldblues
self_awareness · 7 months ago
I'm paying for Bitwarden now, but after they enforce 2FA, I'll stop.
dyml · 7 months ago
We're enabling it by default, you can opt-out.
dyml commented on Bitwarden is turning 2FA on by default for new devices   bitwarden.com/help/new-de... · Posted by u/coldblues
dyml · 7 months ago
I just want to point out that the title is wrong. 2FA is on by default, but not mandatory. Dang, can we change the title?
dyml commented on Bitwarden is turning 2FA on by default for new devices   bitwarden.com/help/new-de... · Posted by u/coldblues
fungiblecog · 7 months ago
while we're bitching about the bitwarden UI my pet peeve is that 99% of my accounts use my email as the username but i still have to type it in every time i create a new account. how about having auto-suggest?
dyml · 7 months ago
I work at Bitwarden and I have that same pet peeve! Let's see if I can get a PR up without causing a UX stir :)
dyml commented on Kagi Teams   blog.kagi.com/kagi-teams... · Posted by u/icar
alde · 9 months ago
Stopped paying for Kagi after finding out that they are using Yandex for some part of the search results and are paying Yandex 2% of their revenue for that.

For the unaware, Yandex Search is tightly integrated with the Kremlin.

dyml · 9 months ago
Very unfortunate and caused me to cancel my subscription immediately. Any alternatives that people can recommend to someone who throughly enjoyed Kagi?

I really hope they reconsider their arrangement.

dyml commented on Show HN: An experimental AntiBot, AntiCrawl reverse proxy for the web   github.com/pulkitsharma07... · Posted by u/pulkitsh1234
myflash13 · a year ago
I’ve actually seriously been thinking of using WebAuthn to “authenticate” every single page load with a passkey unlocked by a biometric device only, so that I can be sure that every single page load had a meat finger on TouchID or a meat face in front of FaceID before showing the page to them.

In the future I imagine that there will be biometrically secure browsers that will be required for top security applications, that can guarantee that a single physical person is actually physically present while using it.

dyml · a year ago
Please don’t use WebAuthn on every page load.

Two reasons: the protocol is not designed to do this - and the UI/UX is not designed to support this. There are better ways.

2) it will likely not work. There are virtual/software authenticatators (available in dev tools) that could generate a valid response without a human.

dyml commented on Ask HN: How to store and share passwords in a company?    · Posted by u/hu3
dyml · a year ago
Use a password manager, like Bitwarden
dyml commented on Passkeys – Under the Hood   research.kudelskisecurity... · Posted by u/paulgerhardt
josteink · a year ago
Any testflight one can join to get in on a early beta?

I'm eager to give it a try.

dyml · a year ago
Send an email to me at aaberg@bitwarden.com and I’ll look into it!
dyml commented on Passkeys – Under the Hood   research.kudelskisecurity... · Posted by u/paulgerhardt
stavros · a year ago
The BitWarden passkey dialog irks me because it makes me click the passkey I want, even if I have exactly one. It would be better to have a feature where I could specify "always use this passkey and don't prompt", since that's what I need 99% of the time.
dyml · a year ago
Good feedback, thanks! will bring it up when I’m back at work
d

u/dyml

KarmaCake day454January 19, 2012View Original