Phishing is different (from the user's POV) than exporting a password and "giving it away". I don't see how phishing would be applicable to passkey exports.
Nope, it's exactly that: tricking people into believing that they are exporting their passkey securely where actually they are sharing it with the attacker.
> I don't see how phishing would be applicable to passkey exports.
Phishing is applicable to everything humans can do: if you can ask a human to do it, you can phish a human to do it.
Not sure why this is being downvoted. This user (palata) is correct — phishing is any attempt by an attacker to trick a user into giving up sensitive information.
Phishing is different (from the user's POV) than exporting a password and "giving it away". I don't see how phishing would be applicable to passkey exports.
> Phishing is different
Nope, it's exactly that: tricking people into believing that they are exporting their passkey securely where actually they are sharing it with the attacker.
> I don't see how phishing would be applicable to passkey exports.
Phishing is applicable to everything humans can do: if you can ask a human to do it, you can phish a human to do it.
Not sure why this is being downvoted. This user (palata) is correct — phishing is any attempt by an attacker to trick a user into giving up sensitive information.
For anyone who is confused:
https://www.cloudflare.com/learning/access-management/phishi...