• @MSids@lemmy.world
    link
    fedilink
    English
    28 months ago

    App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.