Question

No warning when server uses not matching rpid for Passkey usage

1 odpoveď
0 má tento problém
Posledná odpoveď od markwarner22

Pred 1 týždňom

6. 12. 2024 7:14

When i try to login via Passkey on a server that sends a rpid in the challenge-json that does not match the domain there is only a warning in the console. Why is there no warning where any user can see it e.g. as a Pop-Up? I feel like this might be a way to get users to downgrade from passkey to password in a phishing-attempt.

Thanks for your Answers.

When i try to login via Passkey on a server that sends a rpid in the challenge-json that does not match the domain there is only a warning in the console. Why is there no warning where any user can see it e.g. as a Pop-Up? I feel like this might be a way to get users to downgrade from passkey to password in a phishing-attempt. Thanks for your Answers.

Priložené obrázky

Answer 1 · 2024-12-06 07:14:49.496165

markwarner22

6. 12. 2024 7:17

You need to check with their site support to ask what us going with the login.

Vyhľadajte odpoveď

No warning when server uses not matching rpid for Passkey usage

Všetky odpovede (1)

Pomohla vám táto odpoveď?

Preskúmať podľa produktu

Preskúmať podľa témy

Prehľadávať podľa produktu

Preskúmať všetky vlákna fóra podľa témy

Získať pomoc s

Vyhľadajte odpoveď

No warning when server uses not matching rpid for Passkey usage

Všetky odpovede (1)

Pomohla vám táto odpoveď?