• MSids@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    7 months ago

    App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.