

RSA conference site sends an ajax request per keystroke when entering password - arctangos
https://zyan.scripts.mit.edu/blog/wp-content/uploads/2014/01/Screenshot-from-2014-01-10-134955.png

======
josephlord
Probably the strong/weak indicator. Maybe it should be done client side in
javascript. It might be possible to narrow the range of likely passwords by
analysing the timings of the requests.

