Google introduces device-bound session credentials to fight account hijacking neowin.net 3 points by bundie 17 hours ago
verdverm 16 hours ago There has to be a better source for this. Neowin doesn't even talk about the credentials and is riddled with ads verdverm 16 hours ago https://developer.chrome.com/blog/dbsc-origin-trialhttps://w3c.github.io/webappsec-dbsc/https://blog.chromium.org/2024/04/fighting-cookie-theft-usin... verdverm 16 hours ago I believe DPoP has similar goals, had to implement this as part of ATProto OAuth
verdverm 16 hours ago https://developer.chrome.com/blog/dbsc-origin-trialhttps://w3c.github.io/webappsec-dbsc/https://blog.chromium.org/2024/04/fighting-cookie-theft-usin... verdverm 16 hours ago I believe DPoP has similar goals, had to implement this as part of ATProto OAuth
verdverm 16 hours ago I believe DPoP has similar goals, had to implement this as part of ATProto OAuth
There has to be a better source for this. Neowin doesn't even talk about the credentials and is riddled with ads
https://developer.chrome.com/blog/dbsc-origin-trial
https://w3c.github.io/webappsec-dbsc/
https://blog.chromium.org/2024/04/fighting-cookie-theft-usin...
I believe DPoP has similar goals, had to implement this as part of ATProto OAuth