logoalt Hacker News

vel0citytoday at 2:00 PM2 repliesview on HN

"Dang, this site isn't working right with the password manager's detection. Guess I just gotta paste the password in again..."

Meanwhile U2F/Passkeys can't possibly be abused like this.

Replies

tjofftoday at 2:07 PM

Yeah but the downsides of passkeys make them so much worse anyway.

show 1 reply
bonoboTPtoday at 2:08 PM

Exactly. All these ideals work in theory but then in reality banks are also incompetent and will use all kinds of domains.

Same with meta and Google where they often direct you to domains that aren't under their main one and it's actually legit, but there's no way to know. It's impossible to teach family members to pay attention if it's really that domain because it's often legit not that domain.