Yev from Backblaze here -> Interestingly we thought about this kind of thing. That's partially why we left the link "naked" instead of hyperlinking text and added alternative instructions underneath it for the password reset to give security-minded folks a way to take the action without clicking anything.
1. Firefox with the following addons:
1.1 idn safe
1.2 ublock origin
1.3 cookieblock
1.4 ublacklist with domains that scam you or are trash.
2. An verifying DNS resolver, dnssec is enabled in my "critical" domains, so those domains will get errors if someone tries to give me wrong answers
Yev from Backblaze here -> Interestingly we thought about this kind of thing. That's partially why we left the link "naked" instead of hyperlinking text and added alternative instructions underneath it for the password reset to give security-minded folks a way to take the action without clicking anything.
Kudos to you for thinking about this stuff!
Goofy question, I also got this email and am trying to go through the process. However no emailed ever make it to my inbox.
Is Blackblaze getting flooded with these requests? I'm also a bit confused at the decision here. :)
Basically yes, so they are a bit slow to send. We reset quite a few passwords so the system is overloaded a bit. More details from our CISO on our subreddit: https://www.reddit.com/r/backblaze/comments/1j67bte/comment/....
In general, not much, be mindful following links and verify the site you're on before inputing anything sensitive
My protections:
1. Firefox with the following addons: 1.1 idn safe 1.2 ublock origin 1.3 cookieblock 1.4 ublacklist with domains that scam you or are trash. 2. An verifying DNS resolver, dnssec is enabled in my "critical" domains, so those domains will get errors if someone tries to give me wrong answers
I’m suspicious anytime that my iPhone or Mac doesn’t automatically suggest filling in the password for a site.
Passkeys, as they are tied to the domain (relying party ID).
this is why browsers don't render the glyph in the url, preferring to render it as www.xn--vi8h.ws instead of www.pizza-emoji.ws