|
|
|
|
|
|
by crunchatized
2885 days ago
|
|
|
Like GP said, that would give away which accounts have WebAuthn enabled on them, since those without it would send you straight to the password prompt instead. But more importantly, phishing sites will always tell you 'your key succeeded. Enter your password next' regardless, so this doesn't protect against password disclosure at all. |
|
|