|
|
|
|
|
|
by knome
1231 days ago
|
|
|
>WebAuthn is essentially just an alternative to typing in your password. I had thought it was the key confirmation used by openid and that openid was more of an industry keying system backend and push for webauthn on websites. Apparently I need to reread it. webauthn removes all secret information on the company side, making company password database breaches a thing of the past. "Oh no, you stole a public key specific to this website that you can't even use to log into the site you stole it from because you need the private key to do that" |
|
|