this post was submitted on 14 Mar 2025
463 points (98.5% liked)

Comic Strips

15171 readers
1063 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 2 years ago
MODERATORS
 

you are viewing a single comment's thread
view the rest of the comments
[–] Dave@lemmy.nz 24 points 2 days ago* (last edited 2 days ago) (2 children)

QR codes just aren't made for security. They shouldn't be used anywhere security is required.

I get what you're saying but it's at least a little bit funny that they are regularly used for security in the form of scan to login (e.g. Steam), verify your session (e.g. Matrix), etc. Of course these are in a closed ecosystem so the QR code itself is not the security. But I just found it funny you said that when 90% of my QR code usage is for security.

[–] rockerface@lemm.ee 23 points 2 days ago (1 children)

I mean, generating a one time QR code for login is one thing. It's the equivalent of a one time password. But a permanent QR code is not that. They still aren't inherently secure, but they can be used in situations where showing a code in plain text would be just as secure.

[–] vaguerant@fedia.io 8 points 2 days ago

Yeah, my language was overly broad. You can use QR codes as part of a system where the security is going on elsewhere, but the integrity of the QR code itself isn't something that can be relied on for security.

[–] Fiery@lemmy.dbzer0.com 7 points 2 days ago

I mean it's more like it's used to transfer small amounts of data over a visual medium in those cases. Basically just a shortcut over having to type a whole string of characters manually.