Ever since I almost got phished (wasn't looking closely enough at the domain to notice a little stress mark over the "s" in the domain name; thankfully, I was using a hardware wallet that prevented the attack entirely), I realized that anyone can get phished. They just rely on you being busy, or out, or tired, and just not checking closely enough.
Use passkeys for everything, like Thomas says.
>I realized that anyone can get phished
A few years ago, I managed to get our InfoSec head phished (as a test). No one is safe :)
Counterpoint: don't use passkeys, they're a confused mess and add limitations while not giving any benefits over a good long password in a password manager.
If you grok Apple, I wrote up a tutorial on very basic PassKey implementation (for iOS apps), here: https://littlegreenviper.com/series/passkeys/