You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One possible approach here is to have CredentialContainer automatically insert bogus identifiers into the returned list. If so, the count, length, and order should all be randomized.
The text was updated successfully, but these errors were encountered:
See the following for details:
https://www.w3.org/TR/webauthn-2/#sctn-username-enumeration
https://www.w3.org/TR/webauthn-2/#sctn-credential-id-privacy-leak
One possible approach here is to have
CredentialContainerautomatically insert bogus identifiers into the returned list. If so, the count, length, and order should all be randomized.The text was updated successfully, but these errors were encountered: