by jesseendahl 967 days ago
>This doesn't seem materially different from "please go to your emails and find the six-digit code we just sent you".

Exactly, that's the problem lxgr is pointing out. Those six-digit codes can be (and often are) phished by e.g. tech support scam attackers. lxgr is pointing out that the same exact attack could be done against an exported passkey.

1 comment

So you’re saying this phishing attack:

We have to rename and re-enroll your device token so your laptop can still log in.

Click “I registered this credential” when you get the alert about it so your old credential that you added before will still work.

Is harder to pull off than:

Go to your password manager and export the entire database of locally stored passwords. Now, print it out and read this 200 character string to me over the phone, or just email the file to me.