this post was submitted on 01 May 2025
93 points (96.0% liked)

Asklemmy

47846 readers
1131 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 6 years ago
MODERATORS
Cloak@lemmy.ml
mekhos@lemmy.ml
tmpod@lemmy.pt
14specks@lemmy.ml
93
If you had to ruin an entire app/website by integrating automatic logout, which app would you choose to achieve maximum damage? (lemmy.ml)
submitted 3 days ago by Luffy879@lemmy.ml to c/asklemmy@lemmy.ml
46 comments fedilink hide all child comments
 

My guess is 2fa code apps. Why you ask? Because blizzard already did it. They use their own proprietary 2fa code generator app called battle net, so I have to use it. So after a few months/years of casually not using anything remotely connected with Mr. And Mrs. „Muttermilchknacker”

explanation(A word derived from the „Panzerknacker” series of comics where the same named group of idiotic bandits try to break open a gold vault full of money, which I use since the scandal where someone stole the lactation bottle of someone working at Activision)

, I finally decided to try Overwatch 2 again, and when I tried to use my login app to confirm my login, I found myself logged out. And when I tried to log in again, I had to use the Authenticator, which I was logged out of, to use my authenticator, in order to log into the authenticator, in order to use the authenticator, in order to log into my authenticator (I could keep going like this forever)

you are viewing a single comment's thread
view the rest of the comments
[–] thepreciousboar@lemm.ee 2 points 2 days ago (2 children)

If a password is centrally assigned and managed it is not a safe passqword, regardless of other security measures

[–] sylver_dragon@lemmy.world 1 points 1 day ago

That depends on the use case. For drive encryption, a centrally assigned and managed password is fine. It provides for protection of data at rest while also ensuring that a single point of failure (the user) won't remove access to the data contained on the encrypted volume. Since it's not intended to prove identity, that risk needs to be mitigated by a different control.

[–] BassTurd@lemmy.world 1 points 2 days ago

That's the nature of how AD works. The vast majority of businesses operate in that manner. Maybe not so much assigned other than resets and service accounts, but they are managed centrally. My user password is stored on my companies AD. They didn't know it, but it is managed there. That doesn't make it a not safe password, but that's also why other security is recommended instead of just one password.