|
|
|
|
|
|
by exabrial
3095 days ago
|
|
|
'U2F + password' is very secure and can't be phished if implemented fully. However, even Google doesn't do U2F correctly :( U2F authentication needs to happen _every_ time a new TLS session is established in order to be 100% phish proof |
|
|