Comment on Passkeys are generally available on GitHub

<- View Parent
SorteKanin@feddit.dk ⁨1⁩ ⁨year⁩ ago

Standard MFA (time based codes) is not phishing resistant. Users can be social engineered into giving up a password and MFA token.

So basically this is just idiot-proofing the system. If you aren’t the type of person to give your password or MFA token to another person, then passkeys don’t really make better security.

source
Sort:hotnewtop