Have you looked at PlantUML?
It's time to stop using TOTP, it's vulnerable to AitM phishing. Use FIDO2 hardware keys or passkeys instead.
It's very easy to fall prey to an Evilginx or similar AITM phishing attack. Passkeys or TLS client certificates are the only guaranteed defense. Relying on the user noticing the different domain or the lack of autofill…
Betteridge's law of headlines says no.
Have you looked at PlantUML?
It's time to stop using TOTP, it's vulnerable to AitM phishing. Use FIDO2 hardware keys or passkeys instead.
It's very easy to fall prey to an Evilginx or similar AITM phishing attack. Passkeys or TLS client certificates are the only guaranteed defense. Relying on the user noticing the different domain or the lack of autofill…
Betteridge's law of headlines says no.