sudoreboot

joined 4 years ago
sorted by: new top controversial old
If you had to ruin an entire app/website by integrating automatic logout, which app would you choose to achieve maximum damage? in c/asklemmy@lemmy.ml
[โ€“] sudoreboot@lemmy.ml 2 points 2 days ago (1 children)

My assumption was that the user sets the decryption password. Yes, if the decryption password is not your own then you may want your own password on top of that. The point was that there is in principle no reason for requiring the user to enter more than one personal password per session.

If you had to ruin an entire app/website by integrating automatic logout, which app would you choose to achieve maximum damage? in c/asklemmy@lemmy.ml
[โ€“] sudoreboot@lemmy.ml 4 points 2 days ago (7 children)

If the device is encrypted and single-user there is no good reason to require further login after the first. If user is AFK then it locks, but then they should only need to type in that password. All this inconvenience is due to overlapping security practices that aren't designed together.