Hacker News
by Xylakant 2479 days ago
Having to obtain a physical item is substantially harder to automate than credential stuffing. Especially U2F, which is a practical phishing protection and extremely hard to social engineer (you'd need to mail a token somewhere), should IMHO be the default for admin interfaces with elevated privileges.