Uncle Joe
Uncle Joe
In away, it would open up for the possibility for apps to drop the implementation of password and traditional MFA and only use passwordless login. It would be far cheaper...
Here is a report from Bitwarden concerning passkeys. Passkeys are taking off: - Over 15 billion online accounts can now use passkeys - Bitwarden reported a 550% jump in daily...
> Except if the site falls back to another method like OTP codes to SMS or email which many of the implementations do then you have rendered the phishing resistance...
In Norway, we have a national page where you can get your eIDAS LoA3 authenticator activated using your passport or European ID card. https://bankid.no/hjelp-bankid-app (In Norwegian I am afraid) Most...
I can give you more, but there are a lot of examples here. There are several options, but I find these 3 options to be the best: 1. Use a...
> All the attacker has to do is create a 2 step phish where it asks for their email address in the first step and then asks for an emailed...
Android 13 will receive Security Patches until March 2026, but it's up to the manufacturers to support it. The marked share for later versions is close to reaching 50%. https://gs.statcounter.com/android-version-market-share...
We should ensure we help them out with this. We also need to help out OpenCRE and the MAS project to ensure they are connected (e.g: importing MASV into OpenCRE)...
See https://github.com/OWASP/threat-dragon/issues/140
see: https://github.com/OWASP/threat-dragon/issues/1373