[monoideism]

Significant forms of phishing are stopped by U2F (as used by Yubikey and others), by crytographically binding your credential to the domain name , and only issuing an approval signature if the site matches. Obviously, this stops credential phishing.

https://krebsonsecurity.com/2018/07/google-security-keys-neu...

https://medium.com/@antonisikora/how-u2f-security-keys-can-e...

[Thorrez]

You and zamalek appear to be in agreement.

[monoideism]

You're right - I misread the comment. I'd delete my comment if I could.