by raphinou 315 days ago
Honest question: isn't that introducing some weaknesses, allowing the attacker to either reactivate password auth or add its own passkey, e.g. by tricking the user into accepting that change after receiving a mail with a link to accept that change? That would make the passkey unbreakable, but leave other easier-to-exploit weaknesses.
1 comment

No. You always need that flow.