|
|
|
|
|
|
by fuddy
378 days ago
|
|
|
The OWASP auth cheat sheet discusses many of the options for making that phishing of a password useless instead of reacting to its use.. Separate IDPs with weak mfa, fido, etc. And of course if one isn't doing small-time bland business one should consider more complete computing silos for many things, signed email or separate double ratchet oriented messengers, etc. |
|
|