top | item 27414103

(no title)

Pfp puts the icon in the browser bar, to counter such action. So the pop-up can only be opened this way and the pop up is in a different context than the website itself.

Yes the pop-up could be faked, but not the button.

Actually Tavis Ormandy found a lot of security breaches in password managers that loaded GUI elements into the website. Not only that you can fake it, but also they are susceptible to clickjacking.

discuss

No comments yet.