Alr
Comment on Google Says Sorry After Passwords Vanish For 15 Million Windows Users.
Allero@lemmy.today 3 months agoYep, and Vaultwarden too!
Mwa@thelemmy.club 3 months ago
Comment on Google Says Sorry After Passwords Vanish For 15 Million Windows Users.
Allero@lemmy.today 3 months agoYep, and Vaultwarden too!
Alr
dan@upvote.au 3 months ago
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
Allero@lemmy.today 3 months ago
Sure, hardware keys are superior!
I’m only talking about best practtices when using TOTPs in particular.