FIDO

Downgrade Attacks: When Even Strong Authentication Can Be Tricked

FIDO-based passkeys (like hardware keys, biometrics, or “passwordless” logins) are considered one of the best ways to protect accounts from phishing and takeover threats. They’re strong because they don’t rely on passwords or codes that can be easily stolen. But researchers at Proofpoint have found a new trick called a “downgrade attack.” Here’s how it […]