Recent content by PHolder

Yes, it doesn't appear like they intend to fix the issue, near as I can tell. I can't be personally bothered to fight that fight with them, I've had my bug reports buried too many times before.

Additionally, if you make even one single mistake while using it, it will be cleared and the full password will be required. You do NOT get any second chances with the quick password.

Any account you ever create is in one of three states. 1) You're new there. They don't know you as you've never been there before. You make some assertions about who you are and you create an account. 2) You've returned. They don't know you're you, but you assert that you are, and you provide...

Okay, but it's probably NOT Javascript, so that was what I was wondering. I suspect there is something particular going on related to Javascript or something.

Are you directly linking to the Emby server (i.e. manually entering a URL into the browser)? SQRL uses Javascript to access the port 25519 localhost URL and I assume it is some part of that this causing the problem. If you capture the URL and manually enter it, it will cause SQRL to prompt you...

I am running Firefox 84 and nothing has changed, near as I can tell... it's still broken.

In a word or two: Yes, it would be a bad idea to do that. The longer reason why it's a bad idea: The only way to use a self-signed certificate is if the key is installed in the clear. (Yes you can encrypt it, but then you need to store the encryption password in the clear. It is a physical...

Yes, it already has if you use the new feature, but according to @shanedk Firefox is going to fix the current breakage. I already posted about this: https://sqrl.grc.com/threads/warning-new-firefox-feature-will-break-sqrl.1188/ We need to make sure the browser designers understand that...

Thanks for the info @shanedk . Here's hoping they actually do manage to get it fixed. I am fast losing faith in Mozilla to do anything like the right thing any more. :cautious:

Firefox recently implemented (and even promoted) a new feature for HTTPS Only mode. This feature stupidly applies to localhost connections, which will break the SQRL client connection. @Steve should probably mention this on the podcast. Other people should report feedback to Firefox to let...

I'm unsure what you expected Iain, but you were in the process of importing a user ID that was exported from another client. Using the import option is what you should have done, and it appears it did work for you, so I'm unsure what you're reporting here?

Sorry Scott, but the answer is "it is what it is." This forum software is a commercial product, so if you wish, you could look around on XenForo's support site for any support, but as for changes around here, that likely isn't going to happen. @Steve is pretty detached from these forums these...

Sounds interesting, but we need someone with dev experience on this platform to answer if it would be possible, and hopefully, if it is possible, to write the code, or to refactor some existing code. (It looks to me like CASA plugins are written in Java, there is Java code out there in the form...

It's been a long time since I looked at the Javascirpt but my memory has it that the Javascript polls the client, and this is the signal the client uses to know the "back channel" is available/established. Without the back channel, the client is without its anti-spoof protection.

IMHO the ideal approach would be for SQRL to be on it's own page, with helpful links and explanations (and thus moving the "pinging" Javascript off the main landing page.) Since you only ever register for a site once, it's silly to have more than a link to a register page IMHO. What would be...