Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.
The idea with passkeys though is that it’s like a dongle, not just your phone number. It’s not an SMS code or link, it uses the cryptography hardware of your phone to authenticate. But the question of “what happens if I lose my phone” still persists.
The idea with passkeys though is that it’s like a dongle, not just your phone number. It’s not an SMS code or link, it uses the cryptography hardware of your phone to authenticate. But the question of “what happens if I lose my phone” still persists.
https://fidoalliance.org/passkeys/
https://developer.apple.com/passkeys/
https://blog.google/technology/safety-security/the-beginning-of-the-end-of-the-password/amp/
I mean it’s just 2fa without the password so same issues with what I described
https://www.csoonline.com/article/570795/how-to-hack-2fa.html
just the first result on google