alt Hacker News> > That's fine. Let determined people do that, but don't make it easy for a user to be tricked into handing over all of their credentials in clear text.
Has there even, ever, been an instance of that happening?
> > That's fine. Let determined people do that, but don't make it easy for a user to be tricked into handing over all of their credentials in clear text.
Has there even, ever, been an instance of that happening?
There have been literally thousands of documented incidents of this.
There's an entire subsection of the security industry dedicated to this happening. The DefCon international security conference holds an on-stage competition where security researchers demonstrate this happening to real targets in real time in front of a live audience.