[security] Phishing: Bookmarks to the rescue?
Ka-Ping Yee
openid at zesty.ca
Sun Jan 21 08:18:10 UTC 2007
On Sat, 20 Jan 2007, Dick Hardt wrote:
> > The core part of the strategy, and the core untested claim, is that
> > users can develop the habit of using a bookmark to log in. If they
> > use the bookmark, they're safe; if they don't, they're not.
>
> Ok. But users supposedly know to look for the lock and at the address
> bar, but they still get phished.
Yes, it is a similar type of risk / user behaviour requirement. And
the lock and URL bar certainly don't work well enough.
I will probably have to actually try this out to see what it feels
like before i can be sure just how confident or skeptical i have any
reason to be about it.
-- ?!ng
More information about the security
mailing list