Weekly output: Google’s password help, Twitter suspensions in Egypt

NEW YORK–This evening finds me here for the Ascent conference, at which I have four panels to moderate Tuesday and things to learn all Monday. Yes, that means I will miss both NLDS games at Nationals Park. Since the team hasn’t done all that well when I’ve been in the stands for a potential division-series clinch, maybe that’s good?

10/2/2019: This new Google tool protects you against dangerous passwords, Fast Company

Along with a fair amount of other tech journalists, I got an advance on Google’s announcement Monday of changes to warn Chrome users about exposed, reused or easily-guessed passwords. Having seen how a similar feature in the 1Password password manager has helped make me less stupid about site logins, I think this is a good move by Google. But I also expect that many users will freak out when they see Chrome telling them that their password has been compromised in a data breach.

10/3/2019: Twitter suspensions in Egypt, Al Jazeera

I appeared on the Arabic-language news channel to talk about reports of Egyptian dissidents’ Twitter accounts being suspended. My take: Twitter has a serious problem with being fooled by coordinated, bad-faith campaigns to get accounts suspended for alleged-but-not-real violations of Twitter’s rules. The anchor then asked why Twitter hadn’t answered AJ’s questions, and I said that most social-media companies are chronically bad at explaining their own decisions. Many have hangups with just speaking on the record.

Advertisements

First impressions of 1Password

After several years using the same password-manager service–and then paying for its premium version–I’ve spent the last few weeks trying an alternative.

I can credit a sales pitch that included the italicized phrase “completely free” for this departure: 1Password’s offer of a free membership to journalists, in celebration of World Press Freedom Day this May 3. But I was also overdue to spend some time in a password manager besides LastPass.

So far, I’m impressed by the elegance of the interface but a little put off by how persnickety 1Password can be to set up. You don’t just create a username and password, you also have to type in a complex and random secret key to get going.

Having read this Toronto-based firm’s documentation of how this extra step helps ensure that a successful guess of your password still won’t compromise your account, I get where they’re coming from. But I’m not sure I’d recommend it to just anybody, especially not when LastPass’s free version suffices for many casual users.

Further time with 1Password’s Mac, Windows and Android apps has revealed other things I like:

This time has also surfaced one thing I don’t like: an incomplete approach to two-step verification that seems to require choosing between running an authenticator app on your smartphone or employing a weird Yubikey implementation that requires running a separate app instead of just plugging a standard USB security key. That’s no better than LastPass’s inflexible notion of two-step verification.

I’d like to see 1Password improve that and support the WebAuthn standard for security-key confirmation. But I’m prepared to give them some time, based on everything else I’ve seen so far.