Cross-posted from: https://sh.itjust.works/post/19987854


We have previously highlighted the importance of not losing your account number, encouraging it to be written down in a password manager or similar safe location.

For the sake of convenience account numbers have been visible when users logged into our website. This had led to there being potential concerns where a malicious observer could:

  • Use up all of a user’s connections
  • Delete a user’s devices

From the 3rd June 2024 you will no longer be able to see your account number after logging into our website.


  • Scolding0513@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    arrow-down
    2
    ·
    6 months ago

    why dont you guys do something useful like come up with a MFA powered contingency plan for people who get their ID stolen

    or maybe actually come out with multihop on android?? lol

          • mortalglowworm@reddthat.com
            link
            fedilink
            arrow-up
            4
            arrow-down
            1
            ·
            6 months ago

            That was not the argument above, was it?

            What kind of MFA you can use on a router, BTW?

            I have a FIDO2 with Nfc, and it works. Is it convenient? No. Is it more secure? Yes.

            • viking@infosec.pub
              link
              fedilink
              arrow-up
              3
              arrow-down
              3
              ·
              6 months ago

              So you are running a full-fledged OS on a standalone computer that functions as a router. An actual router has a very limited operating system with no such functionality, plus it’s always online by design, so you’d basically have to have a key that is permanently plugged in; or depending on the setup you’d have to re-authenticate ever so often. Not exactly great considering most routers are hidden somewhere in an inaccessible corner.

              • LoudWaterHombre@lemmy.dbzer0.com
                link
                fedilink
                arrow-up
                1
                ·
                6 months ago

                It’s nothing fancy I just needed more CPU power on my router. I’m not saying it makes sense to use a hardware key to access the internet on router level, I’m just saying it works.

                openBSD is actually kinda common base for routers. Also why would I hide a router in some inaccessible corner?