Comment by Borealid
16 hours ago
You can't provide a passkey to a malicious site without writing your own web browser. And the "password" is a 128-bit integer.
It completely solves the phishing-password-stealing problem.
16 hours ago
You can't provide a passkey to a malicious site without writing your own web browser. And the "password" is a 128-bit integer.
It completely solves the phishing-password-stealing problem.
That was an example, I was talking about phishing in general. Phishing will always exist: as long as a human has a right to do something, someone else can trick this human into doing it for them.
Passkeys are great, and they do improve the situation. But they won't remove phishing as a concept.