Outer Web | Explore

Explore >> Select a destination

You are here		blog.trailofbits.com The cryptography behind passkeys -The Trail of Bits Blog
\|	\|	blog.cryptographyengineering.com A bit more on Twitter/X's new encrypted messaging - A Few Thoughts on Cryptographic Engineering	10.8 parsecs away Travel
\|	\|	Update 6/10: Based on a short conversation with an engineering lead at X, some of the devices used at X are claimed to be using HSMs. See more further below. Matthew Garrett has a nice post about Twitter (uh, X)'s new end-to-end encryption messaging protocol, which is now called XChat. The TL;DR of Matthew's post...	10.8 parsecs away Travel
\|	\|	palant.info Should your next web-based login form avoid sending passwords in clear text? \| Almost Secure	9.0 parsecs away Travel
\|	\|	Allowing password-based authentication without letting the server know the password is fascinating. Unfortunately, for web applications this doesn't solve any problems.	9.0 parsecs away Travel
\|	\|	www.cossacklabs.com Security tips on using YubiKey and FIDO U2F \| Cossack Labs	7.4 parsecs away Travel
\|	\|	Designed for securing online accounts, FIDO U2F as a protocol and YubiKey as a hardware tool are not silver bullets. If not used wisely, this powerful combo becomes an attractive target in the hands of skilful attackers.	7.4 parsecs away Travel
\|	\|	www.strongdm.com What Is Passwordless Authentication? (How It Works and More) \| StrongDM	69.3 parsecs away Travel
\|		Passwordless authentication is a verification method in which a user gains access to a network, application, or system without a knowledge-based factor ...	69.3 parsecs away Travel