Google’s passkey ecosystem quietly depends on a powerful cloud-side component that changes where “passwordless trust” actually lives and that shift could open new avenues for account takeover in the real world. Most passkey discussions focus on WebAuthn and FIDO specs, but attackers care about implementations, not standards. In Google’s case, synced passkeys sit on top […] The post Google Authenticator’s Hidden Passkey Design May Expose New Passwordless Attack Vectors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/google-authenticators-passkey/
