Recent content by Carl

  1. C

    help set up sqrl in ios how do I export to windows?

    Well, if you created a SQRL identity without saving the recovery code (that you can only see during identity creation), then yes, you should start over by creating a completely new identity.
  2. C

    SQRL in Swedish IT-Security Podcast

    All right, I've listened to the episode about the drawbacks with SQRL. A short summery would be that it's clear that Nikka knows what he's talking about. He knows how SQRL works (and he likes it, and is even contemplating implementing it himself on his site) and the issues/problems he brings up...
  3. C

    SQRL in Swedish IT-Security Podcast

    Härligt! Välkommen! 👍 (Great! Welcome!)
  4. C

    Websites using SQRL

    @WinBreach This is part of the CPS function in SQRL. If you search for "CPS" in the first couple of PDFs here, you will get an explanation of what it is and how it works:
  5. C

    Websites using SQRL

    Yes, this is pretty much the current status, and it is to be expected. It's only been a few months since the creator of the SQRL protocol decided that version 1.0 of SQRL was to be considered finished, and updated the technical documentation to reflect this. Since SQRL requires websites to...
  6. C

    The Xenforo plugin doesn't have a way for a user to recover from lost identity

    As I view this, I have explicitly said that I DON'T want my SQRL login to be given priority over, or that it should replace, my username and password. My expectation when I associated this forum account with my TEST SQRL identity was that, as long as I don't change the settings to ditch...
  7. C

    Another advantage of SQRL

    I know that the current version of SQRL already allows for big companies with multiple domains to keep track of their users by having them all sign in to the same place (for example, both GMail and YouTube users could be made to login at ""), but I still had a reaction when...
  8. C

    SQRL is in trouble .. if we don't simplify identity creation.

    Well, yes, if you were to ask this question in, say, a year's time, then those two statements should probably be split up into two separate questions. For now - at least for me - they mean the same thing: that I didn't care enough about my (test) identity. I don't even remember IF I saved the RC...
  9. C

    POLL: How did you backup your SQRL identity?

    Well, the obvious (bad) alternative that is not listed yet in the poll is "No backup." I have yet to make a backup myself, but as I wrote in the other poll thread, I think it's time to start treating one's little squirrel with care.
  10. C

    Where do you actually store your rescue code? If you use multiple, select up to three and BE HONEST!

    Thanks for the reminder! As SQRL is now starting to be used on sites, I should stop treating my identity as a throwaway/demo and start taking care of it! :)
  11. C

    It didn't work on some sites for me. Maybe it's still a work in progress.

    "It" being "Sign in with Apple" (not SQRL), I would think.
  12. C

    Differences between SQRL and WebAuthn

    Hi Christiaan, Since I'm mainly just an interested observer here, or as Steve put it during his recent presentation in Gothenburg: one of "the people on the fringe" of the work on SQRL, I am not speaking on behalf of SQRL, but perhaps I can add a thought or two while you wait for a better...
  13. C

    Apple form factor for devices

    I agree - it's amazing to see so much "crammed into a tiny device." Scary too, though:
  14. C

    SQRL write-up

    I would guess that Alan was referring to the "FIDO Certified" solution named "Octopus", since they were the ones who had written about SQRL. Would this be correct, Alan?
  15. C

    The "SQRL Explained" document exists

    Just a small thing I noticed on page 22 of the 1.00 version: "So, although it may go with saying,..." That's supposed to be "without", right?