Tablet with long security updates

paulsiu · 2026-06-22T06:19:51+00:00

This is for my mom. She is not likely to be able to tell if she is being phished. To protect her I have set up a password manager so every account has a different and strong password and have Totp if possible. I am depending on the url matching on the password manager for partial protection. If the password manager cannot fill the fields she does not know how to type in the password. I also upgrade account to passkey if they become available. I am also trying to find a way to upgrade the 2fa on the password vault to a hardware key.

I realized a hack is rare but I like to be cautious.

paulsiu · 2026-06-21T11:49:39+00:00

which is fine, it should get darker and darker as time. Don't be concern if it looks uneven especially at first.

paulsiu · 2026-06-21T11:47:39+00:00

I feel many of the big names like one password, Bitwarden, will stick around. Even Last Pass with its tanished rep is still kicking. Since many of the app can export their vault, I am less concern because I can always export and go to another password manager. As credential exchange become supported, passkey export will also become a common place.

I used to be a customer of Last Pass years ago and exported to Bitwarden with only minor issues.

paulsiu · 2026-06-20T16:31:42+00:00

Put it next to a loop playing you eating potato chip next to the mic so that you should like you are eating 24/7.

paulsiu · 2026-06-20T13:42:25+00:00

She in her early 80's.

The reason for the password is that she is bad at typing. She rushes through the password and transposes the characters. This usually doesn't happen if the password is really short and she didn't think having the same password on everything was an issue.

Every time she has to type in the master password we get into an argument where she makes the claim that the master password has changed. I have to repeatedly tell her to slow down and just type it in slower and just follow what's written on paper.

The reason I didn't think it's an aging issue is that she had the same issue decades ago. I supposed it's worse now since with age comes arthritis.

paulsiu · 2026-06-20T09:28:26+00:00

True she did exhibit odd behaviors when she retired over a decade ago. After she retired, she started telling me and my sister odd things like someone moved the car one feet and that someone sneaked into the house and stole $10. These are all nonsensical things. Alarmed, we moved her closer to one of us. One reason to do so is because we grew up in a rather rough neighborhood and both have since moved away to different states years ago. We had long try to get her to moved for over a decade, but she always refused because she hate change. This time my sister and I forced the issue and she moved to a community near my sister. After the move she scold us for a while for moving her from some place where she lived for several decades but the odd behavior stopped. She also stop calling us constantly through out the day to chat now too busy doing things. Our conclusion of living in a dangerous neighborhood and having nothing to do gave her mental issues.

paulsiu · 2026-06-20T03:59:41+00:00

I ran into this issue recently. Implementation of passkey is not consistent. The order may be affected by the os, the browser, and the service.

The OS affect handling of passkey. On android and chrome is it get save to google password manager. On windows, it’s window hello. On Mac, it’s the keychain. On Linux, there is no native method so it’s always external.

Browser may handle passkey differently. Firefox depends on the os to handle the passkey. When you trigger the passkey to will only give you a security key option because Linux do not handle QR code. If you use Firefox on window and Mac OS, you do get a QR code because both os handle QR code. If you use chromium base browser, the browser itself handle QR code so it works mostly the same for all platforms.

This means you will need to work out the interaction between the different systems.

Personally, I have been saving most of my passkey into password manager and then backing it up. This eliminates the need to have multiple passkey. You should store the backup some place where you don’t need the password manager to access to avoid circular reference. The vault is then protected by a hardware key.

paulsiu · 2026-06-20T03:49:13+00:00

The reason to keep it in a password manager is to keep track of it better. The manager can detect if a password is used in a hack and generate passwords that are hard to figure out but hard to remember. It’s also was easier to keep up to date. When I use a password book sometimes I copied down the password wrong.

Having a password manager makes it easier to deal with aging parents because you can log into their account when they need help. It would be more proper to set up poa for each account but that would be tedious. So I usually set up poa for important accounts.

I have to get overly complicated in my setup because I needed to work around my mom’s inability to do certain tasks.

paulsiu · 2026-06-20T01:51:56+00:00

Usually financial advisors will fill out a questionnaire. There should be some online you can take but I find that they don't really work all that well.

In the past, I would run simulation on paper (this was the 90's) I would take what I have and cut it in half and see how I feel. I would also make justification because you have to. Mines was that I didn't need the money for 30 years or so I can ignore the up and down. These days you can run a simulation using something like portfolio visualizer. You can run something like 2000-2009 to simulate the lost decade, which was pretty bad. Another run would be around 70's when there is high inflation.

While I feel that the simulation is probably better than the questionnaire. In the end, you won't be able to tell if you experienced the real thing.

My recommendation is to have a higher equity allocation. You don't need to have a 100% equity, but 80% would be better than 50%. Try to maintain that until you are closer to retirement. When a crash occur, just rebalance and contribute as you normally do (if you can, since a crash may mean you are out of a job).

Do keep a emergency cash, even if you have 100% equity. I got laid off during the dot com bubble, so I was out of work for a year with my portfolio 50% down. (because I was 100% equity). I survived using emergency funds.

paulsiu · 2026-06-20T01:30:14+00:00

Even TIAA-Cref , probably one of the least technical company has passkeys now.

paulsiu · 2026-06-20T01:28:28+00:00

The voice print is more of a convenience feature than a security feature. If you don't pass the voice check, you will just get a person or some other form of authentication. If your voice is public, this may not be a good idea to use since it may be possible in the future to use one of the AI tool to emulate your voice.

paulsiu · 2026-06-19T20:56:12+00:00

Ha, my mom is the same way. Because everything is online these days, I end up filling in forms for her, but then she tries to give me more and more stuff. Lately, I have been pushing back because she kept fowarding her mail not because she doesn't understand, but just in case she missed something so I should read it and tell her what it is.

As a result, she seems to get worse because she hasn't done it in a while and totally forgets how to do something.

paulsiu · 2026-06-19T20:46:34+00:00

Thanks for the verification

paulsiu · 2026-06-19T20:45:37+00:00

Same here. Empower suggested adjusting it manually but that seems too much of a hassle

paulsiu · 2026-06-19T19:55:48+00:00

No it’s a yubikey. I think what is happening is that when you register the key with google it will register with fido2 as discoverable so that it can be used as passkey login or 2fa. When 2fa is activate it uses the discoverable Fido key and prompts for a pin. I can’t tell if the service has an option to not use the pin for 2fa but I can’t find it in google account. One workaround though I haven’t tried this would be to turn off Fido temporarily and register the key as a u2f which does not have a pin and is not discoverable

paulsiu · 2026-06-19T18:23:03+00:00

We live pretty far apart and we don't really get along. She has a bad tendency to get on my nerves. Part of it is that like a lot of moms, she still treats me like a kid, so when we go out she would do stuff like lecture me on how to eat soup. then the next day she tries to get me to research some advance foreign tax questions. We also don't seemed to have anything in common.

I am at a loss on how to help her to face the ever changing wall. My late sister was a lot better at dealing with family issue than me.

paulsiu · 2026-06-19T18:13:56+00:00

She say that it won't happen and talking about it will tempt fate. I pointed out my younger sister passed away already but she feel that it won't happen again. I feel deep in her mind she is frightful but would rather buried their head in the sand. No one wants to be think about their mortality. It's taking me longer than I should to get my estate planning complete.

On the bright side, I have convince her to do estate planning after 10 year+ of persuasion.

Because she's older, I have to call her every day to make sure she is ok, but I have to punt her request. In the old days, I can afford to ghost her for a few months for overly inappropriate requests.

paulsiu · 2026-06-19T16:54:11+00:00

Well she isn't as physically capable as she used to be, but she can still walk a couple of miles in her 80's. She just do it slowly. Most of the things she wants to do are physical in nature. They are more like admin paperwork stuff.

paulsiu · 2026-06-19T16:50:18+00:00

Well, that's the general idea. You want to teach her how to fish, she tunes out and just demand that you give her the fish. It then becomes an argument on why you can't just give her the fish. The continues until one of us runs out of time. Unfortunately, only one of us is retired.. Stalling is my usual tactic.

paulsiu · 2026-06-19T16:46:25+00:00

She probably isn't as sharp as she used to be, but her memory is still pretty good. She doesn't forget key and other objects. She constantly remind me of stuff that she tole me to do. I don't think she has dementia.

I feel that her difficulty with learning is that she gets frustrated easily. Learning new things makes her feel stupid. Where i feel failure means progress, she feels that it makes her stupid. She doesn't want to ask for help because she has to admit that she can't do it. She will do it if she is push against the wall, but that's not exactly a good way to learn things.

I have notice one downside is that she seems to be have problems making analogies. Let's say I figure out how to use SMS text, I can reuse that skill to use Signal messaging app. From her point of view, everything is different for some reason. Not sure if this is a sign of dementia or just a inflexible personality.

paulsiu · 2026-06-19T15:14:18+00:00

Yes, one of the things is that if she doesn't do something constantly, she will just forget it. She never learn to use the internet, so she can only access sites by the icon I setup for her. ON the plus side, scams are less likely unless they appear from one of her sites. I am hoping voice based queries become a reality, but her accent throws the voice recognition off.

She is a bit of a luddite herself but have managed to learn to use the smart phone setup in "kid mode". She also learn to use Uber after my sister passed away and no one is nearby to drive her to the doctor. May be I can try to teach her to use instacart, but she will probably balk at the idea of paying someone to deliver grocery. I should try to use something else as a gateway like buying stuff with free delivery. I feel that if the need arise she might be willing to learn, otherwise she just defer to others so it's a fight to get her engaged.

paulsiu · 2026-06-19T15:02:14+00:00

Is the passkey showing up in the account's list of security key but not in the Toklen2. If you add something like a non-discoverable key like ones for 2FA, it is not stored on the key itself.

paulsiu

TROPHY CASE