Hacker News
by winkelmann 287 days ago
Crucially, it would have to be set up so they need to use the hardware key when pushing any changes. Just requiring a hardware key as a login method does nothing to protect against token stealing, which I believe is the most common form of supply chain attack right now.