Re last: I absolutely love doing accessibility work with Jujutsu. Often I start with an inaccessible base and iterate my way out of the fog--fixing one accessibility issue only reveals another, and another. Git's model makes that tricky--make commits, then individually peel them off onto separate branches when it's time to merge.
With JJ on the other hand, I can stack changes one on top of the other without even thinking about it. Fix accessibility issue, jj new, fix another, jj new. It's usually obvious from jj diff what I fixed, so I can jj edit and jj describe the changes later if I'm just in the zone and don't want to workshop a commit description right now. When it's time to pick apart PRs, jj rebase -s q -s r -s s -s t -d p rebases everything on the most recent upstream change at once, then I just jj edit q and jj bookmark set <branch-name> for each change. A jj git push --allow-new pushes everything at once. When the inevitable PR feedback arrives I just jj edit <bookmark name>, make the changes, and jj git push again. No need to explicitly re-commit since that happens automatically. Then when I want my own private build with all the new a11y goodness, jj new q r s t puts me in a brand new commit with everything merged. Find a new accessibility issue with code I've edited? No problem--just edit the code live on my change, jj absorb, and it merges that code into whichever revision in my history last touched it. If it's at all ambiguous, jj squash merges the changes into an explicit target, and a jj git push updates all the affected PRs without me having to think about it.
Where has this been all my life?
miki reshared this.
LΞX/NØVΛ 🇪🇺
in reply to Tuta • • •never use an app that have less than 32 char allowed (exept ubisoft, because this crap refuse more for "security").
i use 128 by default and less when necessary by the service
jalict
in reply to Tuta • • •...a pleasant rascal
in reply to Tuta • • •"Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess."
TarXZ
in reply to Tuta • • •Also a good password hasher, I've known some services that are likely just storing it as plain text.
Argon2 on top.
disorderlyf
in reply to Tuta • • •I worry non-technical people with too much power are going to read this and be emboldened continue the age-old tradition of using a password system where it discards the characters after their maximum (which suspiciously seems to always be 15 or 16 characters) but considers the truncated values to be different from the exact same 15 or 16 characters when you realise the password field to log in stops processing input at 15 or 16 characters.
In case one of those people reads this, 34,000 years sounds like a lot, but this is what computers can do right now. Five years ago, that same brute force would likely have taken orders of magnitude longer. Ideally, you want "Sol will go supernova before they brute force this password using the hardware available in [current date]"
Passphrases help keep the complexity more manageable, but someone already posted the XKCD. Just please, for fuck sake, don't be hostile to password manager users. A copy/paste is arguably more secure than just manually typing it in before we even consider how the password manager encrypts it.
Himmelssohn
in reply to Tuta • • •vrek
in reply to Tuta • • •Ondrej Zizka
in reply to Tuta • • •This table can't be taken literally.
Ron Bowes
in reply to Tuta • • •No no no no no I'm so tired of this awful advice.
UNIQUE passwords matter 1000x more than STRONG passwords. With very very few exceptions, password cracking shouldn't even be in a normal person's threat model. If somebody is cracking your password they already have your data from that platform. The only thing password cracking does is let them use your password to authenticate to other platforms, but that doesn't work if it's a unique password
We need to stop people to use long to complex passwords. That's not a useful thing to teach people. Instead, teach them to use a password manager and a unique password for every site!
James
in reply to Tuta • • •@Tutanota
You got an online password vault? A 28 character password is easy (and fun to brag about).
Joachim 🇪🇺
in reply to Tuta • • •kΔ
in reply to Tuta • • •MW1CFN
in reply to Tuta • • •LostLLM
in reply to Tuta • • •IYPS | F-Droid - Free and Open Source Android App Repository
f-droid.orgWilm
in reply to Tuta • • •Simon Brooke
in reply to Tuta • • •this. On systems which allow long passwords, I'm now using very long phrases (think lines from songs — I'm not actually using lines from songs, but the phrases are of similar length). The benefit is I can remember them WITHOUT a password manager; and if I should forget them, I have a crib — but only I know what that crib is.
/Continued
nictakiego
in reply to Tuta • • •