A while ago I shared a link to that old article about how someone hijacked the author's Twitter username, and one thing mentioned in the article was how the author was constantly getting bombarded with password reset e-mails. That kind of reinforces my opinion that Mastodon shouldn't allow login-by-username and should stick to login-by-email only.


@Gargron I tend to agree with @anna
It's more of a punishment to those with 2FA and good password hygiene.

I'd certainly love full-out smartcard key-pair challenge response.
But I'm not sure if the world is ready for that, and am absolutely certain those that reuse simple passwords are not :{

@dissy614 @Gargron even those who aren't good at passwords and such, i think it hampers adoption of mastodon. they remember their username, but not which email they signed up for, and go fuck off instead of logging in after they remember it's a thing a few weeks/months later

hell, it's really annoying WITH a password manager with test accounts and such, because i'll be hecked if i can remember what account testwitch23 or one of my several email addresses was assigned to

