Are there any paid services for either Lemmy or Mastodon? Something where, given it is a subscription service, you would expect them to stick around long-term?
Are there any paid services for either Lemmy or Mastodon? Something where, given it is a subscription service, you would expect them to stick around long-term?
I didn’t read the story about how exactly he lost the jwt, but is it still as big of an issue since 2fa was introduced?
I guess existing jwt hashes will bypass 2fa, but I’m not super worried since my instance has 3 users.
2fa was in at the time. IIRC the jwt was granted after 2fa so it didn’t matter.
You’ve got a point though, small instances aren’t gonna be nearly as useful as a giant one to threat actors. Assuming you don’t give them a reason to go after you specifically they wouldn’t have a reason to target such a tiny server.
Still though, I don’t need that shiny A next to my name so I’m good with how I have it set up.