• @MSids
    link
    English
    29 months ago

    App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.

      • @MSids
        link
        English
        29 months ago

        Those are better, but are also not phishing resistant.