Ask HN: How much of a threat is device fingerprint spoofing?
I am looking into various trusted browser flows and I wasn’t sure how high the risk is of device fingerprint spoofing. I feel like the most secure solution would have the server generate a key+ salt and sign it in addition to the fingerprint . I feel like a lot of implementations may rely solely on the fingerprint , however .
What is the best practice here ? How much of a risk is it to rely solely on the device fingerprint ?
0 comments
[ 3.0 ms ] story [ 7.4 ms ] threadNo comments yet.