Hacker News new | past | comments | ask | show | jobs | submit login

Phishing relies on visual confusion to get people to enter their passwords on a site that isn't the one they think it is.

WebAuthn credentials are bound to the issuing domain, so the user agent will not supply a passkey to a domain other than the one it should go to.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: