It’s 2025 and the Shai-Hulud supply chain attacks are rolling over the npm ecosystem. It’s a wake-up call. The worm exposes how poorly many developers handle security. I too work with npm on a daily basis. I too use insecure practices all over my digital life. I’ve been thinking about improving matters for a while. Shai-Hulud was the last push I needed to finally take action.
Passkeys are credentials that follow the FIDO2 / WebAuthn standard. They are most commonly held on hardware security keys, tiny USB sticks with a button, but they can also live in the built-in authenticator of a phone or computer.
Passwords are hard. Yet they are the one authentication mechanism supported by every service we use, and sometimes even the only one. Since they are so difficult to avoid, we need a strategy to cope with them. Let me show you mine.
The ideal password fulfills the following criteria:
So we would have to create a long, random password for each website and remember every one of them. That’s impossible.
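To put numbers on “long” and “random”, here is an added example, not code from the original post: it generates passwords and passphrases with the CSPRNG in Python’s `secrets` module and computes how many bits of entropy each one carries. The word list is a constructed stand-in for a real diceware list; the entropy calculation only depends on the list length, so the 7776-word figure is passed in explicitly.

```python
import math
import secrets
import string

# 94 printable ASCII characters without the space: letters, digits, punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed toy word list. A real diceware list has 7776 words; this one only
# exists so the example runs offline.
WORDS = [
    "copper", "lantern", "meadow", "granite", "violet", "harbor",
    "saddle", "ember", "quartz", "willow", "falcon", "marble",
]


def random_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Return `length` characters drawn uniformly (and unpredictably) from `alphabet`."""
    if length < 1:
        raise ValueError("length must be positive")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def passphrase(words: int = 6, wordlist=WORDS, sep: str = " ") -> str:
    """Return `words` words drawn uniformly from `wordlist`, joined by `sep`."""
    if words < 1:
        raise ValueError("words must be positive")
    return sep.join(secrets.choice(wordlist) for _ in range(words))


def entropy_bits(symbols: int, alphabet_size: int) -> float:
    """Entropy of `symbols` independent uniform picks from `alphabet_size` choices."""
    return symbols * math.log2(alphabet_size)


def years_to_exhaust(bits: float, guesses_per_second: float = 1e10) -> float:
    """Years needed to try every value of a `bits`-bit secret at the given rate.

    1e10 guesses/s is an assumed figure for an offline attack on a fast hash;
    slow password hashes bring it down by orders of magnitude.
    """
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    pw = random_password(20)
    pp = passphrase(6)
    print(f"password   : {pw!r}  ({entropy_bits(20, len(ALPHABET)):.1f} bits)")
    print(f"passphrase : {pp!r}  ({entropy_bits(6, 7776):.1f} bits on a 7776-word list)")
    print(f"years to exhaust the 20-char password: {years_to_exhaust(entropy_bits(20, len(ALPHABET))):.2e}")
```

A 20-character password from this alphabet carries about 131 bits; a six-word diceware passphrase about 78. Neither is something a person can memorize per site, which is exactly why the rest of the strategy needs a password manager.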
Things will go wrong. And if we don’t come prepared, we’re going to lose data, which can be anything from annoying to catastrophic. Let me show you how I keep my data secure. Let me show you how I do backups.
Backups can and should be simple. You periodically copy all your data onto a USB drive and call it a day. This setup does the trick for most people, and I’d recommend it any day over not doing backups at all. However, it has two flaws.
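The “copy everything to a USB drive” approach has one check that is cheap and usually skipped: confirming the copy is actually identical to the source. The script below is an added example, not the original post’s setup. It copies a directory tree with `cp -pR`, compares the two trees with `diff -r`, and in `demo` runs the whole thing on constructed sample files to show that the comparison catches a file that was altered on the backup medium. The directory names and file contents are invented for the example.

```sh
#!/bin/sh
# Added example: back up a directory and verify the copy before trusting it.
set -u

# verify_backup SRC DST
# Recursive byte-for-byte comparison of the two trees; non-zero on any
# missing, extra, or differing file. A backup that has not been compared
# against its source is a hope, not a backup.
verify_backup() {
    diff -r "$1" "$2" >/dev/null 2>&1
}

# backup_and_verify SRC DST
# Copies the contents of SRC into DST, preserving permissions and
# timestamps (-p) and recursing (-R), then verifies the result.
backup_and_verify() {
    src="$1"
    dst="$2"
    mkdir -p "$dst" || return 1
    cp -pR "$src/." "$dst/" || return 1
    verify_backup "$src" "$dst"
}

# demo
# Builds constructed sample data in a temporary directory, backs it up,
# then tampers with one file in the backup and checks that verification
# now fails. Returns 0 only if both the good and the bad case behave.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/docs" || { rm -rf "$work"; return 1; }
    printf 'tax return 2024\n' > "$work/src/docs/taxes.txt"
    printf 'family photos index\n' > "$work/src/photos.txt"

    # Good copy: verification must pass.
    if ! backup_and_verify "$work/src" "$work/usb"; then
        rm -rf "$work"
        return 1
    fi

    # Simulate bit rot or a truncated write on the backup medium.
    printf 'garbage\n' > "$work/usb/docs/taxes.txt"
    if verify_backup "$work/src" "$work/usb"; then
        rm -rf "$work"   # corruption went unnoticed: that is a failure
        return 1
    fi

    rm -rf "$work"
    return 0
}

# Run the demonstration when executed directly.
if [ "${0##*/}" = "backup_demo.sh" ]; then
    demo && echo "backup verified, corruption detected" || echo "demo failed"
fi
```

In real use you would call `backup_and_verify "$HOME/Documents" /media/usb/Documents` and refuse to unplug the drive while it returns non-zero. `diff -r` is POSIX and works on a mounted USB drive; it does not help against the two flaws of a single local copy, since a drive that is stolen, lost, or encrypted by ransomware together with the laptop fails the same way as the source.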
Email addresses are the base of our digital identity. If somebody takes control of an email address, they usually take control of every account attached to it through the password reset function. In this sense, your email address is the most critical part of your digital identity.
Yet most people use Google Mail or other “free” providers for their email, effectively giving up control over their email address. Whoever pays is in charge, and if you don’t pay for a product, you’re the product. Everything comes with a price. I’m willing to pay a little to break free from Big Tech. How about you?