alis 🇳🇱
@alice@transgirl.cafe
@SRAZKVT@tech.lgbt is a comfort/security balance
like if u have a session last for a day which is like super high value and stuff its obviosly gonna be explosited an stuf
i mean imagine like idk running ur ssh session w nopassword sudo for a day that sounds sketchy af right cuz u wood usually want to have it like run for a minute to get teh commans executed an stuff and not any longer than that
alis 🇳🇱@alice@transgirl.cafe
@SRAZKVT@tech.lgbt i have created a nice way to make it balance pretty good in teh latest system i designed
so u hav like this 2 step system
1 is device authorization like yk when u authorize new device u have to use ur passkey and mfa and shit
2 is session authorization like when u have the per-device key u just plug in the passkey and type in password and u hav access for like 10 minues or somethinh