undefined | Better HN

0 pointsjsmith994y ago0 comments

Ironically this is more of a problem now on desktop, where eg a website (such as eBay) in Firefox pops up a PayPal login window without an address bar and there is no way to verify the domain without using developer tools

0 comments

3 comments · 1 top-level

tialaramex4y ago· 2 in thread

Really PayPal should get with the times and offer WebAuthn, where upon it isn't a problem (WebAuthn credentials are domain bound, so, if that window isn't PayPal then it can't have PayPal credentials)

Asking humans, who often don't even notice when they wrote an entire word twice in a sentence, to "verify the domain" is nonsense, machines are good at this problem, let the machines do it.

dcow4y ago

Ebay supports WebAuthn, does PayPal not?

tialaramex4y ago

If it does, that's be great, as I do have a PayPal account to solve a problem I had with one payment platform, but when I last looked it only offered TOTP

1 more reply

j / k navigate · click thread line to collapse