alt Hacker NewsWorth noting when you open up the developer tools console in discord (facebook and some other sites do it too), you get a regular message printed with "If someone told you to copy/paste something here, there’s an 11/10 chance you’re being scammed." and then "Pasting anything in here could give attackers access to your Discord account." in bold+red text. It used to also mention "free nitro" as an example of a scam you may be falling for.
I've heard, but haven't confirmed, they also detect you opening developer tools using various methods and remove your auth keys from localstorage while you have it open to make account takeovers harder. (but not impossible)
Opening the browser console in a separate window mitigates some of that detection.
Replies
Yes, Google does this, and it is infurriating.
Every time I open the dev tools on Safari (to reverse-engineer some random broken website that doesn't let me do what I need to and forces me to write yet another Python script using Beautifulsoup4), Google logs me out of all of my accounts.
To add insult to injury, Google's auth management is so broken that if I log in to the "wrong" account first by accident (E.G. when joining a work meeting from Calendar.app), that account now becomes primary for Google Search / Youtube, and there's no way to change that without logging back out from all accounts and then logging into them again.
>I've heard, but haven't confirmed, they also detect you opening developer tools using various methods and remove your auth keys from localstorage while you have it open to make account takeovers harder. (but not impossible)
No, they just keep moving it between updates. It's still there. It just gets harder to extract.