@tokyo_0
With 2FA with one time passcode such as TOTP, SMS, email codes, the user can send this second factor to a hacker who impersonates the service.
There are bots who receive the one-time code and who then send them to the real site to access to the account.
Regarding biometry, this is not a requirement. You can unlock a passkey by a pin (or by a schema on your phone) if you wish. Passkeys are designed to be decrypted by the same way you unlock your device.
@lightninhopkins @timbray
canard164 (canard164@mastodon.social)'s status on Sunday, 28-Apr-2024 01:07:04 JST
-
Embed this notice
canard164 (canard164@mastodon.social)'s status on Sunday, 28-Apr-2024 01:07:04 JST canard164