I think if you're trying to address reused passwords harvested via
website compromise this is indeed effective.

I was thinking it could also be leveraged to work against domain
spoofing attacks as well, but without a resilient UI it is not very
effective at this, as an attacker (phisher) could build a website with a
look-alike site and address bar and have the user enter their password
into the form (or script) while bypassing the PwdHash technology. If
this is a goal, then perhaps the addition of a safe input area, say in
the status-bar, which will be guarded with the same zeal as the
status-bar padlock (and adjacent domain-name or organization-name);
presumably the user will notice if they generally log in to a site via
the status-bar interface and one day that changes.

_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security