Re: South Africa On Lockdown - Coronavirus - Update!

[Michael Thomas]

I don't know about Fido, but i've been making that point about Oauth for 
a very long time. As a browser mechanism which implements a sandbox it's 
fine. But when you have apps that can reach out of the sandbox it is 
definitely not fine.

Mike
On 3/23/20 2:59 PM, Keith Medcalf wrote:
Both Fido and OAuth2 are inherently insecure.

While they may be better than nothing at all, they are only very slightly 
better than proper password selection and management.