Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tptacek
on July 23, 2018
|
parent
|
context
|
favorite
| on:
Google: Security Keys Neutralized Employee Phishin...
This would make sense if virtually every website in the world didn't react to the short-term TOTP secret by handing back a long-term HTTP secret.
lmm
on July 23, 2018
[–]
If there's no point improving client authentication until you've improved website security and no point improving website security until you've improved client authentication then neither will ever get better.
Consider applying for YC's W25 batch! Applications are open till Nov 12.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: