Y
Hacker News
new
|
ask
|
show
|
jobs
by
macrael
700 days ago
Passkeys or FIDO hardware tokens are the solution, as written up by Google ages ago, because they only enter the TOTP code when the URL matches the right site, it wouldn't enter the code for the phishing URL