A review of my experience with Bitwarden after several years of self-hosting it, and why I decided to move away from the password manager.

A review of my experience with Bitwarden after several years of self-hosting it, and why I decided to move away from the password manager.

Note: this is not my article.

  • MonkderVierte@lemmy.zipEnglish
    3·
    3 days ago

    This is done as domains need to be ASCII only

    They don’t need to, but a punycode-attack is done by using a letter of another language that looks almost identical. I think you still have to actively enable the defense against it (some about:config setting), the poster did.

    • Elvith Ma'for@feddit.orgEnglish
      7·
      2 days ago

      DNS is ASCII only and so this conversion is done. It is not needed to display the “technical” domain name that results when you enter a domain name with non ASCII chars in apps, but yes, this prevents character confusion.

      https://en.wikipedia.org/wiki/Internationalized_domain_name

      In the Domain Name System, these domains use an ASCII representation consisting of the prefix xn-- followed by the Punycode translation of the Unicode representation of the language-specific alphabet or script glyphs. For example, the Cyrillic name of Russia’s IDN ccTLD is рф. In Punycode representation, this is p1ai, and its DNS name is xn--p1ai.