Y
Hacker News
new
|
ask
|
show
|
jobs
by
jamescrowley
3446 days ago
It's a different protocol. Not an expert but as I understand it U2F isn't totally out of band - the browser communicates the URL so the token you give wouldn't be accepted by Google when it is replayed