Calls and texting on other devices setting

On the Samsung Galaxy Tablet, there seems to be an option to forward calls and text from Samsung phone to Samsung tablet. However, it appears that the text is only for Samsung Message and that is going away, so does this mean text forwarding won't work since Google message will have to be used?

reddit.com
u/paulsiu — 7 hours ago

Message Pairing and network

So I purchased a new Samsung Tablet for my mom and is setting it up. I tried to setup Google message. It appears that message has to be signed into the same account and then there is a further step in pairing where they select an emoji.

What I have notice that emoji do not appear on her phone even if they are on the same account. However, we are not on the same network so my first question is if you do device pairing do you need to be on the same network? I assume that QR Code also needs to be on the same network. Does bluetooth need to be turned on?

I find the pairing process a bit more complicated than necessary. On imessage, no pairing is needed. You just need to ber signed into the same account. I am not sure why the extra pairing step is needed. Perhaps there is a security reason.

reddit.com
u/paulsiu — 7 hours ago

Login option for android client

I notice that on the android client I don’t see an option for passkey or login with device like on iOS. I am using android 16. Is this normal?

reddit.com
u/paulsiu — 1 day ago

Is Webauthn not working on Firefox android

I am trying to log into Bitwarden on a new android tablet and phone. I am able to log into the Bitwarden app but when it uses WebAuthn for 2FA, it fails with a 404. Is there a known issue with Firefox Android and webauthn?

Update
If I set the default browser to chrome, I can get webauthn step to work logging into the android Bitwarden app. The webauthn faols if Firefox is used.

There are post that Firefox does not have u2f api under android. As an experiment, I log into vanguard which used u2f without issue.

reddit.com
u/paulsiu — 1 day ago

When you can’t use your usb key

Recently I switched to librewolf and noticed that I cannot use my yubikey for passkey or 2fa. After a lengthy debugging I figured out the reason. I had installed it as a flatpak on Linux and the default permission is no access to usb. The issue was fix after I change permission using flat seal. I thought I post this to prevent someone else from a lengthy debugging session.

reddit.com
u/paulsiu — 10 days ago

Anydesk to Android becomes unresponsive

I occasionally use anydesk to help relative diagnose a phone issue. I have notice that recently there is an issue where after the user allow you access, you can control the GUI, but after a while the remote session seems to stop responding to the controls and become view only and I have to disconnect and reconnect. Anyone encountered this issue and have a workaround?

reddit.com
u/paulsiu — 12 days ago

Password and Passkey set up

I think I come up with a password / password setup that I like and feel its reasonably secure.

  1. I use a password manager that is cross platform. I want the flexibility to change platform from Android to Apple, Windows to Mac to Linux to ChromeSO, etc. Websites are store in the password manager.
  2. All site will use 2FA if possible. I prefer TOTP overr SMS. If passkey is available,then I would add that to the password entry.
  3. I protect the password manager with hardware keys. I used 3 keys.
  4. Critical sites like login to financial sites and other important account are store in the hardware key if possible. The idea is that even if they break into the password vault, they still can't login.

One reason I like using the password manager is because I can backup the vault. Storing the passkey a hardware key or a phone is a bit of a pain if you lose the device. I would need to login using the backup key, add the new key and then remove the old key. This is ok if it's one or two site, but if you have 100+ passkey then it's a real pain.

reddit.com
u/paulsiu — 12 days ago

Pan syncing with the induction range

Since I change to induction, virtually all of my cookware become unusable. I purchased a greenpan non-stick cookware. I placed the pan on the bigger circle, but the range turned off, unable to detect the pan. I then place it on the smaller element, which worked, but the element is smaller than the pan, so I am thinking that the outer edge may not get heated. Is this normal for a pan not to be detected if it's too small?

reddit.com
u/paulsiu — 14 days ago

Tablet with long security updates

Which vendor has long security updates? Both Google and Samsung have long update cycle of around 6 to 7 years. Are there other brands with similar long update cycle? Lenovo and one plus seems to only offer update for may be 2-3 years at best. Apple offer long update too but it’s not android.

reddit.com
u/paulsiu — 14 days ago

Anyone use App Streaming to support someone using Android?

I am curious, has anyone try using App streaming to help someone on Android. My thought was that I could remote desktop to their Chromebox and then through phone hub help them with their android? How are app that require biometric authentication handled? the other person has to use the phone?

reddit.com
u/paulsiu — 15 days ago

Upgrading parent's password

Previously, I had an issue where my mom used the same 5 letter password to log into everything. I was surprised that she was not hacked. What I did so far is:

  1. Set her up with a password manager. At the time, I used Last Pass, it's not bitwarden, keep in mind that this was several years ago. The reason for Last Pass is because she had Windows computer and android phone and back then there was no google password manager.
  2. Whenever possible setup the account to use TOTP and have the password manager autofill the TOTP or use CTRL-V to paste it. This is because mom find the process of looking up the code from the TOTP app too difficult, but not if they auto-fill it or she can just paste. Some security expert will feel that this defeat the purpose of TOTP by having it in the same repository. I say this version of 2FA is better han none.
  3. For SMS, I use the google voice if possible. That way I can look up her code, so I can help her enter the 2FA if she can't figure out how to get it from the google voice app.
  4. For SMS that can't be google voice, RCS can be setup to display on more than one device (your device). The chief problem is that my mom can't figure out how to read SMS text. There are too many numbers in the message and she doesn't know which one to enter. In the worse case, I can try remoting to her phone and using teamviewer.
  5. To protect the vault, I am using TOTP mainly because she can't use hardware key. It involves plugging in something and she is not going to do that. What if she plug it into the wrong port and it explodes.

So in most situation, she go to a website, and the fields are automatically filled by the password manager. If there is a TOTP, it's usually filled and if not, she has to paste it. The password manager also work on the mobile apps, but most of them allow you to setup biometrics. The password manager usually get used when there is an update and they need to log the app back in.

She now has only 3 devices. The Chromebox requires her to lgg into the computer using a pin and then the password manager can be access without any access. Essentially the password is protected by the login. This is mostly ok since the Chromebox is not portable and it's chance of being stolen is low. The other two device uses biometric to log into the device and the password manager.

To log into the password vault initially, she must enter a user name, password and the TOTP 2FA. She apparently do not have problems with password, except for being bad at typing. She can either try to figure out the TOTP code from the TOTP app or I can tell her what it is. She doesn't need to log into the vault open, only when there is an update that require relogin. Most of the time, it's just biometrics.

The setup seems to work pretty well though it's not without problems. The main issue is that websites often make changes that break the password manager, requiring some fiddling to fix. Now all of the site either have very strong password or passkeys (also store in the vault).

Future Upgrade

I am trying to upgrade the password vault with a hardware key to prevent phishing attacks on the vault. Because she doesn't want to plug in anything, I am going to have her install a nano style hardware key that sits permanently on the box.. I haven't figure out how to deal with the mobile device though since you can't have something like that permanently attach to the phone or tablet.

reddit.com
u/paulsiu — 16 days ago

Google account hardware 2FA and PIN

I have a google account that I assigned as a 2FA security key. It does not prompt me for a PIN.

Recently, I help someone setup a 2FA for the security key and surprisingly it prompt me for a PIN. My hypothesis is that I setup my hardware key 2FA a long time ago and it is using the older U2F method. Now when I add a security key, it will use the Fido2 method, which does have a PIN.

Do I have this right? Is there a way to turn off the PIN without re-registering it as a U2F key (probably by turning off the feature when registering it).

reddit.com
u/paulsiu — 17 days ago

What's a good way to keep your parents from becoming overly dependent

My mom keeps increasingly ask me to do things for her. Her mental state isn't faulty, she is just afraid of doing things wrong. My concern is that she then stop knowing how to do things. If I pass away before her, there isn't someone who can takeover. My father passed away decades ago. My younger sister passed away suddenly. As I get older, I seemed to develop more and more issue while my mom remain relatively healthy, so it's not inconceivable she will outlive me.

One strategy I have employed is to delay implementing her request. She is very impatient and half the time will do it herself. I tried to keep her educated on stuff but she keeps tuning out.

reddit.com
u/paulsiu — 17 days ago

Trying out a Cryptnox Fido Card

I wanted to try out a different form factors for hardware keys and decided to use a Cryptnox Fido card. The card looks just like a credit card and comes with or without MIFARE. MIFARE is used in door locks and I figure the person using this will never use one of those, so I got te non-MiFare version that is about $5 cheaper. The card cost about $29. The card works just like a regular hardware key with NFC. There is no button to tirigger it though.

I was able to add the card as a security key to google, microsoft, and bitwarden account as both a passkey and a 2FA (except for Microsoft which does not allow hardware key 2fa). Initially, I thought the card was defective, but it turns out positioning is really important. In the case of the iphone 14 Pro Max, you need to place the phone on top of the card so that the card frame the top of the iphone. This was easier than hunting for that spot to trigger NFC for a yubikey. It also has to be from the back of the phone and not the front.

Software is a bit sparse. I don't see a Windows app in the Microsoft store, just a command line app. I don't think there is a Mac app. There is an IOS app and that works pretty well and allow you to lookup info on the card and set pins. The software isn't really needed.

One problem may be a lack of reader support. You will need a mobile device as an NFC. Many tablets do not have NFC, and neither does desktop. Many of the business laptop come with smartcard readers that would probably work with the card. I was able successfully use the card using a contact based CAC reader. You have to pull the card out and push it back in to trigger.

This could be a good option if you want something that can be slip into your wallet.

reddit.com
u/paulsiu — 17 days ago

Anyone having problems with TIAA Push notification

When you log into TIAA, you have an option to push to TIAA mobile app as a 2FA. However, I have never gotten this to work even though I made sure notification is enable for the TIAA mobile app. Has anyone encountered this issue? Has anyone have a solution?

reddit.com
u/paulsiu — 18 days ago

Effect of resetting Fido pin and enabling nfc

If I reset the Fido pin, would it wipe out just the Fido part (ie passkey and u2f) or would certificates on the yubikey be erased as well?

I enable nfc on the key but it’s not working even if it’s enabled. I am curious if this may be a policy set by my employer. Can my employer set a policy to prevent nfc? The key is a yubikey 5 nfc dips.

reddit.com
u/paulsiu — 18 days ago
▲ 2 r/u_paulsiu+1 crossposts

The effect of resetting the fido2 pin and nfc enabling

[deleted]

u/[deleted] — 18 days ago

QR Code cutoff when using Passkey in Extension window

Anyone having this issue. I click on login as passkey in the extension window. It displays a QR Code but it's cutoff. There is no way to scroll or make the window bigger. One workaround so far is to do a popup on the extension window and then click on the passkey link.

reddit.com
u/paulsiu — 19 days ago

Are there ways to get google prompt on ChromeOS devices?

Is there a way to get google prompt on ChromeOS? I tried installing the gmail android app, but google prompt devices does not show up in the account.

reddit.com
u/paulsiu — 20 days ago