It seems like they are down for a longer time now. How will they recover? Does longer down mean they will have to do more catching up with other instances? Can I get updates somewhere?

  • Saik0@lemmy.saik0.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Hacking an account is still a valid concern though for various reasons

    Let’s assume you’re doing the best practice thing and using a long and unique password for each service you use.

    What benefit does a hacker have hacking your lemmy-based account? Considering that everything you post is public… There’s simply nothing of value that you would obtain by “hacking” an account here… The only thing I can think of is if your a moderator of a community or an admin of an instance.

    I just don’t see any value to it… But even then… 2fa is slated for v0.18 which is probably coming out in the next few weeks.

    • dan@upvote.au
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      2fa is slated for v0.18 which is probably coming out in the next few weeks.

      Only basic TOTP 2FA though. Webauthn/FIDO2 should be coming in the future though.

    • Illogicalbit@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Mostly thinking impersonation, spamming, deletion or modification of history…. Although I’m sure there are probably other reasons too.

      • Saik0@lemmy.saik0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Impersonation - Not sure this matters unless you’re a mod or admin. Spamming - Just make the accounts yourself… it’s going to be infinitely easier to just make spam accounts from nothing (since it’s free anyway) than to designate resources to cracking a password. Deletion/Modification of history - modlogs allow reverting ALL changes outside of full account deletion. Full account deletion - Well that’s annoying at the very least. But not like it’s the end of the world or has any actual cost associated with it.

        It’s a lot of work to do so little actual damage. It’s not like twitter where hacking Elon’s account can actually lead to monetary gain.