Your SSO session can be stolen.
Grammarly, at least, showed it: with their white hat partner, they prepared an internal phishing attack and got access to their OTP SSO session.
As a result, they chose to move to FIDO2 to close off that attack vector.
More about the attack and why they chose FIDO2 is in Part 1.
The implementation and its problems are covered in Part 2.
#security