Update: App Passwords no longer have access to your invite codes, to ensure that third-party tools cannot claim your invite codes without your awareness.
Please only login to third-party tools that you trust, and always use an App Password (a temporary solution until we implement OAuth). 🧵
❓ Q: What are App Passwords?
💬 A: App Passwords are revokable passwords you can use to login to third-party tools. You can generate them at Settings > Advanced > App Passwords.
❓ Q: What permissions do App Passwords have?
💬 A: They have most of the same abilities as the user's account password, but they're restricted from destructive actions such as account deletion. They are also restricted from creating additional app passwords and from viewing invite codes.
Second half of the post kinda answers this - unlikely to implement a bunch of changes to a temporary feature. This one was just very necessary for preventing a huge explosion of scammers with invites.
Can we have an esthetic improvement in the way users can reset their password? make it to use the email explicit, and allow also to have a 'forgot email' feature in cases people forget which they used ?
Ability to edit the email used at registration would be really cool ! @pfrazee.com
@safety.bsky.app , since the users are meanwhile coming in huge numbers, when do you plan to have 2FA implemented? Security is key & plain passwords are compromised in minutes or less. Any chance you could provide the possibilities for securing our accounts? Right now the situation is unsafe ../2
..2/ to say at least. Could you eloborate, if, when and what kind of 2FA you´re implementing and how the time schedule on this tasks is? And while talking about project timelines: is there a timeline available with estimated dates for at least milestones? That would be great.
I got one after I'd been here ~about~ a week, a second ~about~ a week later. Number of invite codes available shows up on the right under the search box, in the browser at least.
I accidentally left a letter out of my email address when I created my Bluesky account. I have tried to figured out how to edit it, but cannot figure it out. How do a fix it? I just need to add a letter to it.
Please let the app passwords but also as a feature after there is OAuth.
**And: We need here extremely urgently 2FA with Fido2 and gladly also Passkeys.**
And for me I would like to use X.509 certificates for authentication ;)
Personally advise no one give these invites out on Twitter
Had two brand new invites
Stolen
Would love to trace those invite
Numbers and find Elmo s trolls
How bout it Jack?
Pues no he usado apps de esas, pero creo entender que aplicaciones externas a las que dabas permisos podían acceder a tus códigos de invitación y robártelos, así que han capado el acceso de esas apps a los códigos.
It's a legitimate question, though.
I just joined, and I also have the same question.
Not a luddite either, just uninformed.
Be gentle.
Is there a link to a list of useful 3rd party apps that interface with BlueSky?
Are they even worth using or are they all buggy/sucky since it's so early?
As a matter of fact, there is such a list, and documentation for the entire atprotocol, which Bluesky is based on. Here's the list of apps: atproto.com/community/pr... and here's where to start with the documentation: atproto.com/guides/overv...
and I wasn't trying to be exclusionary or gate-keepy, but I acknowledge my first reply may have come off that way. You're right, it is a legitimate question.