|
|
|
|
|
|
by idle_zealot
1503 days ago
|
|
|
Users don’t know how a site implements FIDO either. With any authentication system you do have to trust the server you’re accessing to identify you correctly. Take FIDO: sure, in theory someone would have to be close to you to steal the “thing you have”, but if the service you’re authenticating with doesn’t implement the protocol properly or is hacked, then attackers may be able to access your account without being anywhere near you. All authentication schemes offer benefits only if implemented correctly. |
|
|