Hacker News new | ask | show | jobs
by tptacek 251 days ago
This is exactly how not to defend against phishing. The meaningful defense is to foreclose on it entirely, not to just get super good at spotting fakes.
1 comments
classified 251 days ago
> The meaningful defense is to foreclose on it entirely

Sounds easy enough in theory. How do you do that in practice?

link
9dev 251 days ago
Use passkeys. Bully services that don’t offer them or lock them behind enterprise plans into implementing them.

That’s it. The single working Defense against credential theft.

link