|
|
|
|
|
|
by tptacek
255 days ago
|
|
|
The commit access thing is a joke. I think it's a joke. It's mostly a joke. MFA is not in general phish-resistant. But Passkeys, U2F, and FIDO2 generally are, because they mutually authenticate; they're not just "one time passwords" you type into a field, but rather a cryptographic protocol running between you and the site. |
|
|