Rather than breaking URLs to stop phishing, how about some real phishing mitigations? I can think of a few...
-
Show this thread
-
Disallow text entry fields that look like password ones but aren't, and disallow js reading from password fields before they're submitted by user action.
2 replies 1 retweet 6 likesShow this thread
When a page has a password entry field, warn the user BIG AND BOLD if they've never visited this site before, and highlight additional identifying information about it.
1:55 PM - 4 Sep 2018
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.