📢 Moderators Needed 🚀

Moderators are needed with resources to post or have access to resources to post. Submit an application to be considered.

RSS Feeds
Xenforo RSS Feed

RSS Adding, editing or removing passkey does not require user re-authentication

Thread starter Kirby
Start date Oct 29, 2025

Kirby

Guest

Guest or Bot

Oct 29, 2025

Adding, editing or removing a passkey does not require password confirmation.

This allows kinda easy "account lockouts" by unauthorized actors if they are able to access an active session.

Suggested Fix
Adding, editing or removing a passkey should require re-authentication of the user (password if no 2FA is available, Password + 2FA if no Passkey is available or also Passkey without password if at least one Passkey is available)

Continue reading...

RSS See number of likes given by a user

RSS Security Error Notice

Show hidden low quality content

You must log in or register to reply here.

S	RSS Adding AI-Friendly summaries to old forum topics stanleyb23 Oct 25, 2025 Xenforo RSS Feed
Q	RSS Adding custom criteria for trophys QuackieMackie Oct 31, 2025 Xenforo RSS Feed
C	RSS XF2 Suggestion: Adding Instagram to Sharing Options and Connectivity Chernabog Nov 19, 2025 Xenforo RSS Feed
D	RSS When editing a post, the quick reply should be hidden. Digital Doctor Oct 24, 2025 Xenforo RSS Feed

📢 Moderators Needed 🚀

RSS Adding, editing or removing passkey does not require user re-authentication

Kirby

Guest

We value your privacy