• 0 Posts
  • 2 Comments
Joined 1 year ago
cake
Cake day: June 21st, 2023

help-circle
  • Depends on the use case. Cloudflare tunnels are great for accessing services, but not your network. I have a dockerised vscode instance behind a cloudflare tunnel attached to a personal domain that uses white listed emails as authorisation. Fantastic set up, can access my coding environment from anywhere with an internet connection as long as I can click the verification link in my emails.

    To access my network itself though, wireguard is better. I just use pivpn (coupled with pihole for on the go adblock) on a rpi.


  • Best practice in 2023 is a simple, sufficiently long but memorable passphrase. Excessive requirements mean users just create weak passwords with patterns.
    [Capital letter]basic word(number){special character}

    Enforcing password changes doesnt help either. It just creates further patterns. The vast majority of compromised credentials are used immediately or within a short time frame anyway. Changing the password 2 months later isnt going to help and passwords like July2023!, which are common, are weak to begin with.

    A non expiring, long, easily remembered passphase like
    forgetting-spaghetti-toad-box
    Is much more secure than a short password with enforced complexity requirements.