Chris Kite Programming, Computer Security, Etc.

Jakob Nielsen today wrote an article calling for all log-in forms to display passwords in plaintext, rather than masking them with bullets or stars. He argues that this increases usability (users feel more confident because they can see their password as they type it), and also increases security (a more confident user will choose stronger [...]

Twitter has had a lot of embarrassing security problems in the past, but the worst part is that they still haven’t learned from their mistakes. Apparently a recent redesign left the profile page vulnerable to a very simple XSS attack.
Some enterprising hacker quickly seized the opportunity to promote Twitter-clone StalkDaily by infecting the profiles of [...]