|
|
|
|
|
|
by bobbiechen
230 days ago
|
|
|
As opposed to username/password, where... An attacker that controls the email address can log right in. Unless you mean to say I should set up 2FA for my CSS theme variable helper website? Passkeys and OAuth/social login are great, but everyone has an email. And I don't think any mainstream site supports only passkey as an auth method (and no other way). |
|
|
big tech is only allowing Social login from another big tech anyway, they use whitelist and banning everyone that dont use that because they cant guarantee untrusted "third party"