Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.

  • xyguy@startrek.website
    link
    fedilink
    English
    arrow-up
    2
    ·
    5 months ago

    This is the real takeaway, if you have a forgot password button that bypasses everything then none of it is anything more than a login accelerator.