RC RANDOM CHAOS

passkeys

1 post

SMS 2FA was never authentication
Article

SMS 2FA was never authentication

Microsoft is replacing SMS one-time codes with passkeys. M. Hale defines what failed, why it failed, and where the boundary still leaks.