On Thu, Mar 14, 2019 at 11:25 AM Alex Gaynor <agay...@mozilla.com> wrote:
> one overriding concern: phishing, particularly moderately-sophisticated > phishing which can handle forms of 2FA such as TOTP, SMS, or push, is a > scourge. TOTP was never much defense against phishing, just password compromise (shoulder surfing, site breaches). In the late 90's AOL support techs were regularly phished for their RSA-fob tokens by people trying to get into AOLs systems. WebAuthn is solving a very real and very old problem. -Dan Veditz _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
