GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 29-Mar-2025 20:44:02 JST Kevin Beaumont Kevin Beaumont
    in reply to
    • Troy Hunt

    @troyhunt almost every large service still has SMS account recovery, as account recovery is king. Also Evilginx can just remove the Passkey auth option in the sign in flow, whilst phishing.

    In conversation about 3 days ago from cyberplace.social permalink
    • Embed this notice
      Troy Hunt (troyhunt@infosec.exchange)'s status on Saturday, 29-Mar-2025 20:44:03 JST Troy Hunt Troy Hunt

      I'm writing up a blog post called "Passkeys for Normal People", which is a non-trivial exercise. For example, whilst LinkedIn "supports" passkeys, it doesn't seem to allow using them as a second factor *or* a sole factor, so you're still left with passwords and OTPs. Correct?

      In conversation about 3 days ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.