Y
Hacker News
new
|
ask
|
show
|
jobs
by
wopwopwop
3452 days ago
Not really. The phisher can just ask for the second factor the same way they ask for the password.
1 comments
angrygoat
3452 days ago
U2F knocks this on the head - a MITM site won't have the secret required to generate the token.
link