In <news:[email protected]>, NFN Smith <[email protected]> wrote:
> However, I think developers are more focused on defending against > script-based authentication (presumed to be malicious). By requiring > multiple user inputs, then it's far more difficult for an attacker to > present credentials -- not only valid credentials, but a way of > defending against brute-force guessing. And this kind of methodology > achieves a lot of the same kind of benefit as CAPTCHA, without > annoying users with CAPTCHA images that are difficult to decipher. I think that's it, too. my.yahoo.com has started doing it that way, but my SeaMonkey (a 2.42 build) remembers the name and password and fills them both in. If found a few recent bug fixes about recognizing username/password inputs which may not have made it into current SeaMonkey yet. (Not posting links because I couldn't find anything that was clearly related to this case; searching for fixed bugs with "password" will turn up enough to bog you down for a while. ;) _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
