That's why we need 2FA. @PayPalSecurity will you ever support U2F? https://twitter.com/josephfcox/status/832853549851803648 …
I agree there are remaining UX probs with browsers, sites, and some/most pw mgrs that reintro phishing vectors
-
-
the whole point of phishing is that it is an UI/UX problem, not a technical one in most cases.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
These mostly admit technical solutions: disallow copying or even seeing pw, force autofill, & ...
-
disallowing copying of passwords only bring people to use "password123!" as their pw.
-
No, don't disallow it on the site side. Disallow it on the pw mgr side. It should only auto-enter, never show.
-
sure, and then no *real* (read: not-security-nerd) person uses it because it's a pain to use for, say, ebay.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.