Recent content by shanedk

  1. shanedk

    How to use SQRL to my own web site?

    Unless you want to set it up to use OAuth, you're going to have to run something on the backend. What technology is the server running?
  2. shanedk

    Websites using SQRL

    And how would your newsreader know that happened? The newsreader is the issue.
  3. shanedk

    Websites using SQRL

    I'm not even sure that it's possible, since the newsreader would have to be able to display a SQRL QR code and receive the authentication token. Remember that this is 1980s technology.
  4. shanedk

    New user's opinion about SQRL in 2020

    It's certainly possible for a malicious script to flood the server with tons of SQRL login requests, but that can also be done with anything else. A script can flood a server with bogus login requests with random usernames and passwords. DDoS mitigations are there to take care of that sort of...
  5. shanedk

    Localhost security

    I really don't understand the point of this feature. All they have to do is turn off the mixed-mode warning when the insecure resource is on localhost. They were supposed to do this a whole bunch of versions ago, but apparently it only applies to certain cases.
  6. shanedk

    Can SQRL replace the need of keys on the blockchain?

    These are two completely different problems. You could use SQRL as a solution, but I wouldn't advise it.
  7. shanedk

    Feature request prioritiy

    I've gone through background.js a few times and it really isn't clear to me how to go about this. I can see the point you're talking about, but this needs to be a multi-step process after getting the user input: Read the encrypted identity from browser extension storage (I'm not sure exactly...
  8. shanedk

    Feature request prioritiy

    Personally, I don't think it's a great idea to make people type in the Rescue Code too often. Just more opportunities for keyloggers etc. Secrecy of the RC is crucial. But I think we at least need to be able to change passwords, and create a new password from the RC. The QuickPass would also be...
  9. shanedk

    Feature request prioritiy

    I could start with something relatively straightforward, like importing an identity with the password instead of requiring the Rescue Code.
  10. shanedk

    Feature request prioritiy

    Sounds great!
  11. shanedk

    Feature request prioritiy

    Is there a design document or something like that? With a lot of things being closed down due to coronavirus fears, I'll probably have some time to contribute to projects, but looking at the code I don't really see how to go about adding one of these new features into the design.
  12. shanedk

    SQRL Foundation

    The web server running SQRL would allow it to communicate to websites using the SQRL API, which is incredibly easy for websites to implement. Alternately, a separate SQRL service/daemon would do the same thing. That's how this forum is set up, in fact.
  13. shanedk

    Changing SQRL Password - do I have to do it on every instance?

    I think you're just making things harder for yourself if you do it that way. It's easier IMO to have a single secure passphrase you use for all your SQRL clients. If you're worried about situations like a phone where it's easier to type, just make it a 5 diceword passphrase. It's not that...
  14. shanedk

    SQRL Foundation

    The main issue is, we need servers to implement it so users can use it. But there just aren't enough server solutions right now. We need solutions as close to drop-in as possible for PHP and other server platforms. It does no good to convince a website to use it only for them to say "How do we...
  15. shanedk

    Websites that could use help adopting SQRL

    The only part that requires HTTPS is the SQRL connection. The rest can be HTTP.