Org2Blog Release v1.1.13

Just released Org2Blog v1.1.13 with almost no user-facing changes but primarily maintenance and cleanup.

That said you might care about:

  • Create Entries without requiring an Internet connection to load Categories, Tags, and Pages. Previously it would error out preventing you from creating the Entry on your computer.
  • WordPress 6 broke View Entry. Fixed.
  • Although you were unlikely to have used org2blog-buffer-post-or-page-view or org2blog-subtree-post-or-page-view, you can’t anymore. See their function for details. Guessing you were unlikely since the break was never reported. Addendum: It was only broken for Page previews which are probably rarely used: makes sense.
  • Easier to check for compilation errors since long docstrings now get ignored.

How to use SMS two-factor authentication “the right way”

Via genius Sami Laine:

Here’s what you should do:

  • Secure your high-value accounts with strong authentication. These include crypto wallets, key financial sites and email– and if you’re an influencer—Twitter, Instagram and the like. For these, if SMS is the only option, turn it off and use a strong password with a password manager instead.
  • For new accounts, always check for stronger two-factor alternatives before deciding if you should use SMS.
  • Use a password manager to create strong, unique passwords and to autofill them to protect against phishing attacks.
  • Finally, make sure to set up a security code on your cellular account today to reduce the risk of losing your account to SIM swap attacks.

A list of popular sites and whether or not they support two factor authentication

WebAuthn rocks, but you might feel that nobody uses it.

Fortunately, you are wrong!

Visit 2FA Directory: Global or 2Fa Directory: USA for a list of popular sites and whether or not they support two-factor authentication.

This site is pure gold: it gets you up and running with WebAuthn everywhere possible as quickly as possible. When the provider doesn’t provide it them contact them demanding it.

Here is their codebase: geniuses.

Learn How To Perform Man-In-The-Middle (MITM) Phishing Attacks In Three Minutes or Less

I can’t say much more than: wow.

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. –

Seriously great learning resource and kudos to Go Lang!

Just A Few Password Standards That Every Techie Must Know

If you don’t know them, then learn them.

Caffeinate → ruminate → schedule meeting → gesticulate → profit!

Just kidding, it is very valuable.