

Is your Twitter password secure? - untog
http://www.ismytwitterpasswordsecure.com/

======
vectorbunny
First impulse = view source.

    
    
       </div>
            <div id="secondbox">
                <h2><div>No no no no no</div><div>No no no You <span>idiot</span>.</div></h2>
                 <div id='main'>
                    <p>Do you see "twitter.com" in the address bar? No, you don't. Don't ever type your
                        login and password to Twitter on a site that isn't twitter.com. Same with Facebook.
                        And LinkedIn. I guess what I'm trying to say here is, you're an idiot. Don't be an
                        idiot.
                    </p>
    
                </div>
                <!--<h1><div>Repeat after me:</div><div><span>I will not be an idiot.</span></div></h1>-->
            </div>

~~~
ConceitedCode
I find this kind of stuff awesome. Makes the developers seem more relatable, I
guess.

------
oneeyedpigeon
Education re: passwords and security is an absolute must for the wider
Internet-using public right now. I work in a place where colleagues are
constantly asking "what's so-and-so user's password?" and are then surprised -
and actually a bit put-out - when I tell them we have no way of finding out.
Just alerting people to the fact that nobody should even be able to find this
kind of stuff out is a valuable service; same goes for phishing.

------
Zikes
This is why two-factor authentication is important. In one of my favorite
examples of how effective it can be, Gabe Newell demonstrated his confidence
in Steam Guard by giving out his Steam username and password.

------
pixeloution
So you want us to submit our password and username to an unknown entity? At
that point, no, its not secure, even if its FKoieoSF()$902358#f9J#90JP[V,
which, incidentally, is my password.

~~~
untog
Try typing on it. (the HN crowd is not really the target for this experiment)

------
MechaJDI
It did immediately send up red flags with the "hey, lemme check your password
safety by you GIVING me your password!" As I thought about it for a second
though however, I tried to envision from memory what's the difference between
these particular login forms versus legit twitter logins? (I'm at work so no
twitter access) It looks pretty similar from what I can remember besides the
submission button I suppose..

------
buzzedword
You should search twitter for your site right now. It's blowing up haha

[https://twitter.com/search?q=ismytwitterpasswordsecure.com&#...</a>

~~~
untog
Tell me about it. Never been more glad to have used S3 to host some files.
Instant scaling...

------
roryoldershaw
First thing I thought, is someone really trying to pull one on HN? Very well
done, I hope that someone tries it not realising what it is and becomes more
aware.

