@Amicitas@lemmy.world to Technology@lemmy.worldEnglish • 8 months agoNIST proposes barring some of the most nonsensical password rulesarstechnica.comexternal-linkmessage-square104fedilinkarrow-up1427arrow-down13file-text
arrow-up1424arrow-down1external-linkNIST proposes barring some of the most nonsensical password rulesarstechnica.com@Amicitas@lemmy.world to Technology@lemmy.worldEnglish • 8 months agomessage-square104fedilinkfile-text
minus-square@TBi@lemmy.worldlinkfedilinkEnglish6•8 months agoMy company blocked ssh keys in favour of password + 2FA. Honestly I don’t mind the 2FA since we use yubikeys, but wouldn’t ssh key + 2FA be better?
minus-square@jj4211@lemmy.worldlinkfedilinkEnglish2•8 months agoAll well and good when ssh activity is anchored in a human doing interactive stuff, but not as helpful when there’s a lot of headless automation that has to get from point a to point b.
My company blocked ssh keys in favour of password + 2FA. Honestly I don’t mind the 2FA since we use yubikeys, but wouldn’t ssh key + 2FA be better?
All well and good when ssh activity is anchored in a human doing interactive stuff, but not as helpful when there’s a lot of headless automation that has to get from point a to point b.
Yep. All the headless automation broke…