During account registration, the authenticator generates a credential and passes the corresponding public key to the website for association with the user account.
But how do we know that it’s really our user that holds the credential and not an imposter? For instance, someone who stole the authenticator device.
Download this whitepaper to learn about:
- Vulnerabilities of passwords to Phishing;
- Passwords Are Safer Than Biometrics;
- Passwordless is Less Secure than MFA.