Quick reminder that the best way to verify yourself and your content is with PGP signatures. Relying on 3rd parties to verify yourself is a bad practice as it introduces another attack vector. Attackers have impersonated "verified" accounts Twitter, YouTube, & Facebook.

This toot is signed using PGP. An attacker would need to have access to my private PGP key to impersonate me. If my private key is exposed, I could easily retire the key with a message like "this key has been exposed". No need to wait for a big tech social media support team to investigate. I made a little app to post PGP signatures on sites with limited character counts too (https://pgp.clar.ke/P).

#PGP #PGPSignature #Privacy #Verified

can i just say that putting a :verified: or :bluecheck: or whatever emoji next to your name has exactly one use case: when you are mocking how easy it is to do.

i can't believe the number of week-old accounts who insist on verifying as though 1) anybody cares or 2) it actually matters.

if you need to verify, post a fucking email address or phone number or pgp signature or literally any other actual verification metric.

---------
Hashtags
---------
#verified #bluecheck #emoji #mocking #verifying #verify #email #emailAddress #phone #phoneNumber #pgp #pgpSignature #pgpKey #verification