|
|
|
|
|
|
by apex3stoker
2501 days ago
|
|
|
> What's the point of using security keys with services that require regular SMS or app-based 2-FA as a fallback? It addresses the problem with phishing. The main problem with Authenticator is not that an attacker knows the one-time password, but that an attacker tricks user into entering the one-time password to their UI and uses that right away to take control of the user's account. https://krebsonsecurity.com/2018/07/google-security-keys-neu... |
|
|