|
|
|
|
|
|
by roundandround
1123 days ago
|
|
|
If a passkey is something you know then you are using a failed implementation. A fido/authn device is supposed to be able to attest to never having let the private key out, even with a relaxation to passkeys it should at least be sending it to another device that can attest. |
|
|