Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

No warning when server uses not matching rpid for Passkey usage

  • 1 èsì
  • 0 ní àwọn ìṣòro yìí
  • Èsì tí ó kẹ́hìn lọ́wọ́ markwarner22

Simon Gräff
Simon Gräff
more options

When i try to login via Passkey on a server that sends a rpid in the challenge-json that does not match the domain there is only a warning in the console. Why is there no warning where any user can see it e.g. as a Pop-Up? I feel like this might be a way to get users to downgrade from passkey to password in a phishing-attempt.

Thanks for your Answers.

When i try to login via Passkey on a server that sends a rpid in the challenge-json that does not match the domain there is only a warning in the console. Why is there no warning where any user can see it e.g. as a Pop-Up? I feel like this might be a way to get users to downgrade from passkey to password in a phishing-attempt. Thanks for your Answers.
Ìsopọ̀ yíyà aṣàfihàn

All Replies (1)

markwarner22
markwarner22
more options

You need to check with their site support to ask what us going with the login.

Helpful?

Béèrè ìbéèrè

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.