65
submitted 6 months ago* (last edited 6 months ago) by jeffhykin@lemm.ee to c/privacy@lemmy.ml
  • I make websites
  • If someone is banned twice (two accounts) I want it to take them more than 5min and a VPN to make a 3rd account
  • I'm okay with extreme solutions, like requiring everyone to have a Yubikey-or-similar physical key
  • I really hate the trend of relying on a phone number or Google capcha as a not-a-bot detection. Both have tons of problems
  • but spam (automated account creation) is a real problem

What kind of auth should I use for my websites?

you are viewing a single comment's thread
view the rest of the comments
[-] ReveredOxygen@sh.itjust.works 5 points 6 months ago

It's not as bad if it's only on sign up, because you're normally not autofilling there. But it's still bad for accessibility

[-] Zagorath@aussie.zone 7 points 6 months ago

It's definitely not as bad for sign up, but it's still a problem because usually after hitting "submit", the password manager will detect what you just did and pop up something like "want me to save that?"

this post was submitted on 16 Apr 2024
65 points (97.1% liked)

Privacy

31607 readers
129 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS