From the first, no. It does handle the second and third, IIRC. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gavinhoward on Dec 17, 2024 \| parent \| context \| favorite \| on: Microsoft Confirms Password Deletion for 1B Users From the first, no. It does handle the second and third, IIRC.

lima on Dec 17, 2024 [–]

It doesn't handle these either - what stops the user from entering their password on an attacker-controlled phishing page?

Passkeys work because the user can't be tricked into entering their private key on a phishing website.

gavinhoward on Dec 17, 2024 | [–]

Browsers could help with this. They just don't.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact