[OpenID] popup protocol UX? Re: FB Connect, OpenID and UX
Eric Norman
ejnorman at doit.wisc.edu
Tue Dec 16 00:08:37 UTC 2008
On Dec 15, 2008, at 4:46 PM, Christian Scholz / Tao Takashi (SL) wrote:
> It's not that easy.. You get redirected to login.yahoo.com which you
> can clearly see in the URL bar (no popup btw). There you enter your
> yahoo id and your password.
It would be good to consult the research about phishing and
why it works. For instance, you can start at
http://people.seas.harvard.edu/~rachna/papers/why_phishing_works.pdf
You will find that arguments about "can clearly see in the URL bar"
and many other browser signals aren't very compelling.
Eric Norman
More information about the general
mailing list