Andrew J. Swartzell

Thoughts on Design & Technology


Tech Tuesday: The Present and Future of Passwords

About a year ago, Apple, Google, and Microsoft announced that they had teamed up to create a new standard for passwordless logins. Apple began supporting “passkeys” last fall, Microsoft plans to deliver passkey support to Windows sometime this year, and as of this month Google is supporting this new technology on all major platforms.

Passwords remain with us for the present, and I suspect that they may never disappear completely. Password managers like 1Password or Dashlane are good ways to set and keep track of secure, unique passwords, since you should never re-use a password for multiple accounts. If one account provider is breached, your username and password combination could be made available to hackers, who will try to sign into other accounts with that same combination. It’s also important to turn on multi-factor authentication when it’s available as an additional safeguard. Most password managers can also generate random, complex passwords of varying length; but if you ever need to set a password manually (like the password for your computer), keep in mind that longer passwords are usually more secure than shorter ones, regardless of complexity. Personally, I think the UK National Cyber Security Centre (NCSC) guidance to make a password using three random words is good advice, but we should keep in mind that the tools cyber criminals use become more advanced every year. Take a look at this year’s chart from Hive Systems and read more about their methodology at hivesystems.io/password:

Passkeys promise to do away with a lot of this complexity and risk, while maintaining the same level of security provided by multi-factor authentication. Yet risks remain. Chester Wisniewski of Sophos discusses the concept of “cookie theft” in the Marketplace Tech podcast I mentioned above, where an authenticated session stores a token or cookie as a file on your computer that tells the website or application that you’re logged in. These session cookies will time out eventually, but if someone is able to get a copy of that file before it expires, they may be able to access your account. I asked ChatGPT how commonly “cookie theft” is used to bypass multi-factor authentication, and this is what it said:

TL;DR – To sum up, “passkeys” may replace some “passwords” in the near future, but it’s still important to practice good password hygiene: length is more important than complexity, never re-use a password, and turn on MFA if it’s available.
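To put numbers on the length-versus-complexity point, here is an added example (not part of the original post) that estimates the brute-force search space of a random password and generates a three-word passphrase. The sample passwords, the tiny word list, and the 7776-word list size are assumptions made for illustration.

```python
import math
import secrets
import string

# Standard character pools an attacker would have to cover.
POOLS = [string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation]

def charset_size(password):
    """Total size of the pools this password draws from (94 if all four).
    Characters outside these pools (spaces, non-ASCII) are not counted."""
    return sum(len(p) for p in POOLS if any(c in p for c in password))

def brute_force_bits(password):
    """log2 of the guesses needed to try every string of this length and pool.
    Only meaningful when the characters were chosen at random."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0

def passphrase_bits(word_count, wordlist_size):
    """Entropy of word_count words drawn uniformly from a known word list.
    Assumes the attacker knows the list and the scheme."""
    return word_count * math.log2(wordlist_size)

def three_random_words(wordlist, count=3, sep="-"):
    """Pick words with the OS CSPRNG (secrets), never random.choice."""
    return sep.join(secrets.choice(wordlist) for _ in range(count))

# Constructed sample values, not real credentials.
SHORT_COMPLEX = "aB3$xY9!"          # 8 chars, all four pools
LONG_SIMPLE = "qhzvtkmwpdrunxcb"    # 16 chars, lowercase only
# Constructed toy list; a real list needs thousands of words.
SAMPLE_WORDS = ["harbor", "violet", "cactus", "lantern", "pebble", "orbit"]

if __name__ == "__main__":
    print(f"8 complex chars   : {brute_force_bits(SHORT_COMPLEX):.1f} bits")
    print(f"16 lowercase chars: {brute_force_bits(LONG_SIMPLE):.1f} bits")
    # 7776 is an assumed list size (a Diceware-style list).
    print(f"3 words of 7776   : {passphrase_bits(3, 7776):.1f} bits")
    print("example passphrase:", three_random_words(SAMPLE_WORDS))
```

These figures only hold for randomly generated secrets; a password a person invents is far more guessable than its length and character mix suggest.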


Chasing Carbon Zero

Great special on the future of energy. Everyone should watch this.

https://youtu.be/cN-P4ilk7Iw

Andrew is a Senior Associate and the Director of Design Computing at Pickard Chilton, a prominent architecture firm in New Haven, Connecticut. With over 17 years of professional architectural experience and a passion for computational design, he enjoys applying this knowledge to all project phases and building types.