
> this same approach applies to all other authentication tokens

Not true. FIDO and prevents this. The key is bound to the site you authorized it on, so inputting the key while connected to a phishing site will do nothing.

* https://www.yubico.com/authentication-standards/fido-u2f/



Yes, I meant those (I believe much more common) various hardware token generators and those "in-app" ones (issued by the bank), that end up as 6 or 8 digits that you have to type on the site.
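Added example, not part of either comment above: a Python sketch contrasting the two token types discussed in the thread. A typed 6- or 8-digit code (RFC 6238 TOTP) is computed with no site identity as input, while a FIDO/WebAuthn response carries the origin and RP ID that the relying party checks. The hostnames, challenge and `browser_response` helper are constructed for illustration, and signature verification is assumed to happen separately.

```python
import base64, hashlib, hmac, json, struct

def totp(secret: bytes, now: int, digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP (HMAC-SHA1). No site identity enters the computation."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def binding_ok(client_data_json, auth_data, challenge, origin, rp_id) -> bool:
    """Site-binding checks a relying party makes on a WebAuthn assertion.
    Verifying the signature over auth_data || SHA-256(client_data_json)
    is a separate, required step and is not shown here."""
    cd = json.loads(client_data_json)
    rp_hash = hashlib.sha256(rp_id.encode()).digest()
    return (cd.get("type") == "webauthn.get"
            and cd.get("challenge") == b64url(challenge)
            and cd.get("origin") == origin          # filled in by the browser
            and len(auth_data) >= 37                # rpIdHash + flags + signCount
            and hmac.compare_digest(auth_data[:32], rp_hash))

def browser_response(page_origin, rp_id, challenge):
    """Constructed stand-in for browser + authenticator output (unsigned)."""
    cd = json.dumps({"type": "webauthn.get", "challenge": b64url(challenge),
                     "origin": page_origin}).encode()
    auth_data = (hashlib.sha256(rp_id.encode()).digest()
                 + b"\x01" + struct.pack(">I", 1))  # flags (UP) + signCount
    return cd, auth_data

# Constructed sample values (assumptions, not from the thread)
CHALLENGE = bytes(range(16))
REAL = ("https://bank.example", "bank.example")
LOOKALIKE = ("https://bank-login.example", "bank-login.example")

if __name__ == "__main__":
    # The typed code is identical wherever the user enters it.
    print("TOTP:", totp(b"12345678901234567890", 59, digits=8))
    for name, site in (("real site", REAL), ("look-alike", LOOKALIKE)):
        cd, ad = browser_response(*site, CHALLENGE)
        print(name, "->", binding_ok(cd, ad, CHALLENGE, *REAL))
```

The look-alike response fails on both the `origin` field and the RP ID hash even though the challenge was relayed unchanged.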



