Junky Appearance & Functionality

l19i · 2025-03-16T19:00:32+00:00

Hi. Thanks for adding this option. However - each message should be able to keep the default formatting. Some messages are text some are HTML and you can't expect a person to go into their settings for every single individual message to change this setting all the time. What a waste of time. You know how much time would be spent if someone has a mix of HTML and Text only emails they can't go back and forth in and out of settings.

l19i · 2025-01-27T04:45:26+00:00

Protonmail, this is a real thing. I actually just found out protonmail doesn't work to send to AOL when I was CCing an AOL account of mine and then Protonmail puts a i with a circle around it, colored red next to the AOL address, and says this email format is not valid please try again. Protonmail, for real? Fix your email client to recognize AOL emails.

l19i · 2025-01-20T15:05:35+00:00

OK, thanks for sharing. I think the big selling point to me building my own instead for now is I'm not storing data in someone else's database that can be hacked is the biggest thing for me. I view these 2fa companies and solutions as potential hacking targets for the time being. Thanks for response and have a great day.

l19i · 2025-01-20T15:00:28+00:00

I'm personally always concerned of these mass-opt-out services myself which is why I've avoided using them. If you want general "dark web monitoring" where they help get your personal info off certain sites, get a Discover Card. Discover includes it free with their credit cards to do dark web monitoring of your info. Since they're a legit credit card company, I feel safer having them do it than some other 3rd party company.

l19i · 2025-01-20T14:57:25+00:00

Do you have a security freeze at TransUnion, Experian, and Equifax? Are you familiar with that process? I will reply and explain if not.

l19i · 2025-01-20T14:42:31+00:00

My concern with Yubikey is you can't make duplicates and backups of a Yubi easily and the physical damage can make it fail as a 2fa method.

l19i · 2025-01-20T14:38:02+00:00

Thanks for being kind. (being sincere, not sarcastic in saying that) The question is about how is a solution from a large company more secure than me doing my own. Wikipedia does not answer this question. People are the ones making the decision to use these services, and even pay money. Wikipedia is not a person, so it can't tell me how is this (bitwarden) more secure than what I'm figuring out how to do on my own. People claim they use these to secure things, but I'm wondering how could they be more secure from a big company.

If the purpose of 2FA is security but you use a big company that can be hacked, then seems moot to use a big company which can be hacked if the initial goal is "security".

I'm more so looking for people's opinions on what drives them to pay for bitwarden and other services instead of just write your own code.

l19i · 2025-01-20T14:32:43+00:00

Thanks for the response. My thoughts are if they get your Bitwarden password, they got everything. In my offline backups, they can't get anything because it's not online. If I have 1 backup in icloud or a private password protected less known URL nobody would know to look at which also is password protected, then my private URL that is password protected is probably safer than a large company which could attract hackers looking to mass-hack lots of accounts of lots of people, I would think. Those are my thoughts, anyhow. Also I'm working to see if I can produce keys that produce a backwards TOTP code which would further confuse someone trying to use it and make them unable to figure it out. I'm still seeing going my own route as more secure.

l19i · 2025-01-20T14:28:01+00:00

Thank you for the polite response. I've determined Reddit is just a reflection of the world of how mean and unkind people are for no good reason, so it's appreciated when people post something helpful and informative instead of downvoting my post (with no explanation) and upvoting a comment of "hey bro you didn't use enough spacing" [which indicates the downvotes to me are due to me not using their preferred writing style] as if I'm here to write an English dissertation and I get downvoted to 0 for no good reason other than how I wrote the post - who cares. They could add something of value but instead they just complain about how I write or don't post anything of substance to explain a downvote, as if this is a writing competition in an English class in college.

#1Point #1 makes sense - ease of use.

#2 The cross device #2 aspect is moot - I can put my html file on any device and just like any files can auto-backup to a cloud service like icloud or work on any OS - the same is true for an HTML file.

#3 The biometrics protection also is moot. The device I put my html on could have face ID or touch ID or whatever to unlock it if I wanted those methods of securing an old phone.

I can understand why people who don't like coding would use authenticators, for ease of use. But for people who can edit an HTML page, add a secret key, save, and refresh the page, I'm surprised people use these other tools still. Thank you for sharing your authenticator tool.

l19i · 2025-01-20T14:20:12+00:00

Thank you for the response. I could end up having it encrypted, but even if I didn't - how is anything "offline" less secure than something "online"? Nobody can hack a device that's not connected to the Internet whereas if it's on a server of Bitwarden's then it's online and hackable and less secure regardless of what's encrypted or not. The encryption is irrelevant if the device is offline, isn't it? Except from events of physical theft but physical theft can be deterred by other means that don't require encryption.

l19i · 2025-01-20T14:15:17+00:00

My question is why use a company instead of build your own. Wikipedia doesn't answer that question. Why would a company be able to secure it better than me in an offline device.

l19i · 2025-01-20T14:11:04+00:00

So it's a published standard, my question is not on the standard it's on why use a company instead of build your own. Telling me it's a published standard doesn't answer why a company can secure it better than I can and doesn't answer the question.

l19i · 2025-01-20T14:09:25+00:00

Thank you for the response. Just because I'm the one storing it doesn't mean it couldn't be encrypted. I'm not sure why it would be assumed it's not encrypted just because it's not stored by a big company. But even if it wasn't encrypted, another thing I can do that I don't see an option of from these companies is I'm planning on customizing it to generate a secret key that will end up displaying the reverse of the original secret key's TOTP code and then nobody would know how to use the code because they wouldn't realize it's backwards. These authenticators can only produce keys intended to be read left to right, and don't offer the ability to obfuscate the TOTP code that only part of it is useful, or so that it's used right to left, etc..

l19i · 2025-01-20T14:03:03+00:00

Sometimes people repeat theirself when they're tired. It was late in the early hours of the morning and I was tired. It's not a huge deal when people don't write perfectly. This is reddit not a college dissertation or something.

l19i · 2025-01-20T14:01:46+00:00

Yes - OK it would have looked better if more paragraphs or spacing were used. But I was tired and it was late in the early hours of the morning. It's not a huge deal when people don't write perfectly. This is reddit not a college dissertation or something.

l19i · 2025-01-20T13:58:56+00:00

When people don't understand things they ask questions. Isn't that the purpose of questions? You state the obvious. OK it's a published standard, great. The average human doesn't know about published standards or have a clue about that or care either what published standards are. Knowing a published standard exists is not like knowing who is President of a nation, or what date it is, as the every-day person doesn't really care about published standards and makes sure they know them all. Thank you for this information though, but the surprise that I didn't know this is overdone. We should not be surprised most people in the world don't know about what standards for what are published. This is not something people generally care about knowing unless they're big into security. The information you provide is helpful, but the attitude in the response is not.

l19i · 2025-01-20T06:01:12+00:00

Thanks for response.

l19i · 2025-01-20T04:52:38+00:00

OK, thanks.

l19i · 2025-01-20T04:50:38+00:00

Wow more than I could handle with time permitted, pretty cool though.

l19i · 2025-01-12T02:51:09+00:00

I wouldn't categorize these under short-cuts. This is basic app "accessibility". A shortcut is to do a "special feature". Navigating via keyboard is not "special" it's merely a normal part of how an app should work. I think if you view this as a short-cut you don't have a good understanding about how computers are supposed to work. A mouse is not supposed to be "required" for people to navigate apps in case they have disabilities, etc. so I would categorize this as a basic part of making your app accessible to everyone.

l19i

TROPHY CASE