cm0002@lemmy.world to memes@lemmy.world · 1 month agoTake your passkey and shove it where the sun don't shinelemmy.worldimagemessage-square169fedilinkarrow-up1585arrow-down141
arrow-up1544arrow-down1imageTake your passkey and shove it where the sun don't shinelemmy.worldcm0002@lemmy.world to memes@lemmy.world · 1 month agomessage-square169fedilink
minus-squareNatanaellinkfedilinkarrow-up3·1 month agoTOTP codes can be phished, hardware security keys and passkey can’t
minus-squareEngywook@lemm.eelinkfedilinkarrow-up1arrow-down1·1 month agoI doubt that anyone that doesn’t use “password” as a password and who knows what 2FA is could be easily subject to phishing.
minus-squareNatanaellinkfedilinkarrow-up3·1 month agoIt literally just takes a slightly different domain name. Lots of infosec pros have been phished when not paying attention
TOTP codes can be phished, hardware security keys and passkey can’t
I doubt that anyone that doesn’t use “password” as a password and who knows what 2FA is could be easily subject to phishing.
It literally just takes a slightly different domain name. Lots of infosec pros have been phished when not paying attention