1·
1 year agoTesting mentions /u/zachatrocity@lemmy.world
pitninja
- 0 Posts
- 4 Comments
Joined 1 year ago
Cake day: June 29th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Sending you a test reply
4·1 year agoIt’s always been safe to use 2FA if your authenticator app supports SHA256. Unfortunately, it turns out that a lot don’t. The only solutions are going to be Lemmy switching to SHA1 or users switching to auth apps that support SHA256. I think the first is more likely to happen than the second.
I believe that is correct, from what I’m reading. I think Lemmy is probably going to switch to SHA1 as the default. Research has shown that it’s basically as safe to use for 2FA as SHA256 and SHA512 and obviously it has universal compatibility per the spec. The spec only lists SHA256 & 512 as allowed alternatives, not required for full adherence to the spec. I imagine Lemmy will change it so that SHA1 is the default option with maybe an option to still do SHA256 with some well explained warnings.