|
|
|
|
|
|
by nine_k
657 days ago
|
|
|
I mean a separate physical device, like, well, a Yubikey, that can't be automated away due to some vulnerability or UI spoofing. A browser keeps your client-side certificates. A browser is a hardened, but also an incredibly complex piece of software. Chances that an exploit would let coax it into activating a particular client-side certificate without your noticing are pretty slim (hopefully), but for a hardware key which is simpler and even more hardened these chances are lower still. |
|
|