Hacker News
by kevincox 1366 days ago
To nitpick: s/there is no secret on the target server/the target server never sees the secret/

With proper password storage the target server never keeps the password. Of course that is difficult to verify. With U2F the secret can't store a secret they can't see.