Passwordless and Passkeys

Ugh! Passwordless ​ Photo by Anna Shvets ​ Passwordless can seem to give some indigestion! 😂 Why? Because the name may suggest that it’s insecure, somehow. It has to be. Right? Nah! Well, not really. It depends on how I, the administrator, set it up and on the end users’ re-education on security. It also would mean an organization re-education as well. Multi-Factor authentication, YubiKey,…

View On WordPress

I understand the necessity of multi-factor authentication, but as someone with ADHD so bad I was diagnosed at age 7 in the 1990s despite me being a girl at the time...asking me to pick my Distraction Box back up when I've finally managed to put it down to try and get to work is, uh, not the best thing ever for my ability to get work done. You are requiring Captain Distractosaurus to pick up and look at his Distraction Box in order to do his work. This is the worst possible thing you could ask me to do. Picking up and looking at my Distraction Box and entering a code and waiting for the code to be accepted is so many steps, and in between each one of those steps is an opportunity to get distracted, and I am holding and looking at my Distraction Box for every single one of those steps.

Guess what I was doing when I got distracted and made this post. You'll NEVER guess. Multi-factor authentication is very necessary and I hate it SO MUCH. I'm gonna eat a bug

febhyurary, day 18: shadow

"when dad was losing his mind, he stopped seeing us. when he lunged at me with that knife, he didn't recognize me. in a short moment of lucidity, he came to realize what he had done to me. after months of watching him sink into a deep, black pit, I finally had my dad back. even now, I could feel how tight he hugged me as he wailed out a thousand apologies... but it was too late. dad was sick, he couldn't sleep and could hardly eat, he lashed out at anything and anyone. his migraines only exacerbated the issue. but mum had been so absorbed in her work back then that she was hardly home to get dad the help he needed. the constant fighting they had ended up pushing her away. she didn't want to deal with dad and how he was deteriorating before our eyes. it wasn't just her; no one helped dad, they pretended nothing was wrong like they do with gammy's 'fits'. but they don't make my blood boil nearly as hot as mum. mum treated him poorly during that period, she put her work above him and above us. when dad finally snapped, she abandoned him in that house. I hated her for it. we were just kids, we had no idea what was going on. the twins don't even remember him, they don't remember how much dad loved them, or how he wished they'd stay small forever. I'll never forget his screams, the desperation in his voice when mum snatched me away. I didn't want to leave him. we locked up any aethograph of dad from that time. we didn't want to remember dad like that, we didn't want to be burdened with those memories. but there was another reason why we stored those away—in almost every aethograph, there's a shadow."

Well, it's been a long time since I've made health updates on here. But FWIW for anyone wondering, I am pretty sure I've 'cured' my insomnia.

My discord account was hacked for 2 solid seconds and i got banned from 5+ servers for "sending" the fucking steam sale scam

I got scammed through Booking.com

...and I'm posting this so maybe someone else sees it and doesn't fall for it.

On Sunday, the app Booking.com, which I have installed on my phone, sent me a message saying that an upcoming reservation I have in Frankfurt was in danger of being cancelled. Due to a high number of fake bookings they were going to need some verification within the next twelve hours. So I clicked their link, ensured that it was a secure link from Booking.com, and re-entered my credit card info.

The page where I entered it said the verification process should take about five minutes. After an hour with nothing, I e-mailed the hotel directly and said that I was running into some technical difficulties with Booking.com, but I did very much want the room still, even if the booking service ended up trying to cancel my reservation.

I got a reply - to the e-mail I'd sent the hotel directly - through Booking.com. They said there was a misunderstanding with the staff and my card had been rejected, but there was a link that would clear it up. And it was the same darned link as before, but I'm used to having to jump through a billion hoops for multi-factor authentication now, so this time I asked my mom if I could use her card to reserve and pay for the room, and I'd just transfer her the money. And she gave me her info. And I gave it to them.

Then I got a message saying this card had been accepted, and I was going to get an SMS with a code, and I should enter the code to complete the process. Except no SMS was forthcoming, not to me or to Mom, and then I looked at the spelling on that last message and thought, you know, I know I'm reserving a hotel where English is a second language, through a company where English is a second language, but maybe I'm just gonna check…

So I searched "Booking.com scam?" and found this Guardian article, which describes pretty much exactly what happened to me. This has been happening for at least a month, and Booking.com denies that it's been hacked. But that's where the messages were coming from, they had my reservation details, and they knew when and what I had written to the hotel I had the reservation with. If I had seen something like this article - heck, if Booking.com itself had sent out a warning - I would have known something was up from the beginning, but as it was, they were slick enough that I got taken.

I've had to cancel my credit card, and my mom has had to cancel hers, but fortunately we got them both before the scammers could run up any charges. And I guess until I hear something has changed, I'm gonna have to book my hotels directly.

I fucking hate multifactor authentication.Not only am i now obliged to have a smartphone nearby at all times when working, which is distracting,but now the damn thing broke and i can neither login nor register a new device under my account because the link will be sent to my smartphone...which is broken.Fucking useless.

also is it just me or is tying access to basic services to a single fairly fragile device in our age of planned obsolescence fucking stupid?

all i want is to check my schedule and where i need to be on Monday.

Securing Active Directory Accounts

Photo by Andrea Piacquadio on Pexels.com Active Directory is a directory service that manages user accounts and other resources on a network. It is important to secure Active Directory user accounts to prevent unauthorized access, data breaches, and identity theft. In this blog post, we will describe the step-by-step process to secure Active Directory user accounts using best practices and…

View On WordPress

Ngl kinda happy that the N + V week didn’t happen on halloween like the name halfway suggested tbh

I will admit a liiitle bit of it’s because I’m not personally a fan of N + V but like also-

Like, don’t get me wrong I don’t think doing some cute ship art for halloween would be a bad thing/a week for one ship doesn’t necessarily preclude other people doing their own stuff/multiple existing at one time but like- I kinda think it’d just be a really good time for some general prompts focusing more on the horror parts of the series/maybe some fluff that can be romantic or can apply to everyone in the whole cast?

(also even if I think the idea of it being a “ship war” in general beyond mild jabs/memes is kinda dumb vs just having your own preferences and opinions based on your analysis- if we are going on ship war terms, I don’t like the idea of either side trying to claim it and that goes for “my side” too :( )

I had a Twitter account. Twitter got X’d and a couple years later my account got X’d too. It was actually surprising. I didn’t have many followers, maybe 30, and followed academics and researchers especially related to statistics, public health, and indigenous well-being.

Last year I started having trouble signing in with the multi-factor authentication and then after not even attempting to sign in for months I got an email this past April that my account was suspended. I didn’t have a chance to remember what I posted on there and all the cool research resources that I found.

I shared some educated opinions and feelings about the state of current affairs. But it doesn’t make sense that anything I posted would cause this. Does this happen often now to X users? Could it because people hacked into it?

SOMEONE NEEDS TO HOLD ME?? SEDATE ME EVEN, MAYBE?????????? i am so normal about all of this OBVIOUSLY (<- spoiler alert: i am not)

Since it requires you to both Have a thing (the keys) & Know a thing (the order to move the switches), this safe technically uses Multi Factor Authentication

Antique safe made in France around ~1780 / 1810. With three keys and a combination of ordered switches

How to Set Up 2FA on All Your Devices in 2025

As we move further into the digital age, securing your online accounts has never been more critical. One of the most effective ways to protect your accounts from unauthorized access is by using Two-Factor Authentication (2FA). This extra layer of security adds a second step to your usual login process, making it harder for hackers to gain access to your sensitive data. In 2025, setting up 2FA is…

Secure AI-driven enterprises with identity management, MFA & zero trust. Unlock the best security framework for generative AI today!