Author | Lightnews

Ricky Mondello @rmondello.com · 1h

Passkeys next? ghost.org/changelog/one-time-...

One-time codes for sign in

A new secure way for members to access your site

ghost.org

2

Ricky Mondello @rmondello.com · 7h

This is a take that gets it. The reason that passkeys exist is that passwords harm people and that harm needs to end.

Filippo Valsorda @filippo.abyssdomain.expert · 1d

Serious take: the solution to Safe Browsing false positives like the Immich one is passkeys.

Phishing regularly upends people's lives. The Safe Browsing cat-and-mouse with all its opaque false positives will be necessary until we roll out phishing-resistant auth.

1 15

Ricky Mondello @rmondello.com · 1d

let’s launch Andrew Cuomo into the sun

2 4 21

Ricky Mondello @rmondello.com · 2d

This made me smile so much.

1 4

Ricky Mondello @rmondello.com · 2d

Info: Mac web browsers get the ability to use passkeys from Apple Passwords (and other passkey managers that plug into “Authentication Services") by applying for this entitlement: developer.apple.com/documentatio...

This is how Chrome and Firefox support passkeys from Apple Passwords today.

com.apple.developer.web-browser.public-key-credential | Apple Developer Documentation

A Boolean value that lets your app make registration and assertion requests for passkeys and security keys for any relying party identifier.

developer.apple.com

2 1 23

Ricky Mondello @rmondello.com · 2d

I had never seen this quote before and it just made me (ugly) laugh out loud. Incredible.

Seth Cotlar @sethcotlar.bsky.social · 2d

Time to re-up one of the great quotes of all time...while the Totenkopf is in the discourse. www.huffpost.com/entry/attemp...

=
IHUFFPOSTI
"Basically, I'm just fed up with the fact that I'm cis-gendered, I'm a white male, and I lean right, towards the Republican side," said Fears, 28, wearing a pin of the 3rd SS Panzer Division Totenkopf of the Waffen-SS. "And I get demonized if I don't accept certain things."

1 17

Ricky Mondello @rmondello.com · 3d

+1

As an industry of technologists, we cannot let the solution to the password problem be just email. Emailed magic links are an important component to a solution in the consumer space, but can’t be everything. More thoughts on this topic: rmondello.com/2025/01/02/m...

Ben @amongotheritems.org · 3d

I DONT WANT A CODE SENT TO MY EMAIL I WANT TO LOG IN WITH MY PASSWORD OR PASSKEY

2 4 22

Reposted by Ricky Mondello

Cabel Sasser @cabel.panic.com · 3d

is there a metroidvania out there that explores trans themes? because i would love to play a transylvania

6 4 46

Ricky Mondello @rmondello.com · 4d

what could possibly go wrong???

1

Reposted by Ricky Mondello

Cami @cafiffle.bsky.social · Jul 9

I think one of the saddest things about being a millennial is remembering a time when technology was advancing in a way that made life better and easier and more exciting instead of actively, intentionally worse

56 2.1K 5.7K

Reposted by Ricky Mondello

The PS1 startup sound as a lesbian @janus.bsky.social · 5d

i’ve been wanting to write something about AI as the ultimate fascist anti-aesthetic but then he posts stuff like this and it just makes my point for me

molly conger @socialistdogmom.bsky.social · 5d

and another thing: he’s not mad. please don’t put it in the newspaper that he got mad.

2 22 140

Ricky Mondello @rmondello.com · 5d

> When signing in to Bluesky, that happens at bsky.app, but when signing in to another app leveraging the AT protocol (e.g. nooki.me ) that happens at bsky.social.

Is this true? Is it strictly correct to offer passwords saved for bsky.app on bsky.social and vice versa? github.com/apple/passwo...

Shared credentials suggestion: Bluesky · Issue #968 · apple/password-manager-resources

When signing in to Bluesky, that happens at https://bsky.app, but when signing in to another app leveraging the AT protocol (e.g. https://nooki.me ) that happens at https://bsky.social.

github.com

3 4

Ricky Mondello @rmondello.com · 6d

hey! I need something to fall asleep to.

1 1

Reposted by Ricky Mondello

Ian Boudreau @ianboudreau.com · 6d

What's up Bluesky, this is the Department of State and we're here to post some Hatch Act violations

63 1K 7K

Reposted by Ricky Mondello

Mr. Chau @srirachachau.bsky.social · 7d

Mr. Mamdani, what do you think of the calls to include a Vegeta balloon alongside Goku at the Thanksgiving parade? Piccolo as well

30 290 1.9K

Ricky Mondello @rmondello.com · 7d

Extremely reasonable take, David. Let me know if you have any questions about passkeys and I would be happy to answer them. (I work on website and app authentication at Apple.)

1 3

Ricky Mondello @rmondello.com · 7d

A bad actor can trick a person into giving their password away, which can compromise an account.

Passkeys are cryptographically bound to the website and app they’re created for, so they are phishing-resistant. Phishing is a source of lots of pain for regular people.

1 4

Ricky Mondello @rmondello.com · 7d

*You* use a strong password and authenticator, and you probably use them well. But they’re not secure by design. You need to be vigilant. And one day, perhaps, even you could be phished!

For people other than you, passkeys are a game-changer because they’re phishing-resistant and one step.

1 4

Reposted by Ricky Mondello

Slideshare Gems @goodslides.bsky.social · 7d

1 50 150

Reposted by Ricky Mondello

Eliza Skinner - comedian @elizaskinner.bsky.social · 7d

JD Vance seems to be making more public appearances recently. I have to assume it is to remind the public that he has the energy of a dude who corners you at a party to ask (with thick, gummy, catshit breath) why you don’t like him - tearfully begs you to kiss him - then calls you a bitch.

2 8 58

Reposted by Ricky Mondello

Emanuel Maiberg @emanuelmaiberg.bsky.social · 8d

Reddit's AI product provided dangerous advice in medical subreddits and moderators can't turn it off www.404media.co/reddit-answe...

Reddit's AI Suggests Users Try Heroin

AI-generated Reddit Answers are giving bad advice in medical subreddits and moderators can’t opt out.

www.404media.co

24 200 550

Ricky Mondello @rmondello.com · 7d

Genuinely curious: why not?

1 2

Reposted by Ricky Mondello

lena @lenazun.bsky.social · 8d

let's go www.eff.org/press/releas...

Labor Unions, EFF Sue Trump Administration to Stop Ideological Surveillance of Free Speech Online

NEW YORK—The United Automobile Workers (UAW), Communications Workers of America (CWA), and American Federation of Teachers (AFT) filed a lawsuit today against the Departments of State and Homeland Sec...

www.eff.org

5 20

Reposted by Ricky Mondello

Kate Violette @kateviolette.com · 8d

Oh wow, Rolling Stone going appropriately hard here. I did not have that on my 2025 bingo card.

Martine Mounier @reverseyourmind.bsky.social · 8d

#LongCOVID

« Tout cela suggère une crise de santé publique qui se prépare pour une génération d'Américains. »

— @rollingstone.com

« LONG COVID IS REAL- AND IT'S CHANGING AN ENTIRE GENERATION
Hundreds of thousands of kids in America are struggling with an illness that many doctors and schools refuse to recognize
By ELI CAHAN»

« LE COVID LONG EST RÉEL ET IL CHANGE TOUTE UNE GÉNÉRATION
Des centaines de milliers d'enfants américains sont aux prises avec une maladie que de nombreux médecins et écoles refusent de reconnaître.
Par ELI CAHAN »

https://www.rollingstone.com/culture/culture-features/long-covid-kids-school-absenteeism-1235447552/

3 23 68

Ricky Mondello @rmondello.com · 8d

If anyone from Bluesky would like an introduction to passkeys as a technology or an introduction to the FIDO Alliance, where passkeys are standardized and improved, these are services I am willing to provide.

Konstantin @iamkonstantin.eu · 8d

My weekly @bsky.app feature request is: Passkeys
Friends don't let friends getting 2FA codes over email 😁

screenshot from the 2FA prompt on the login page of bluesky

2 4 30