
LastPass mitigates phishing flaw in its password management software - crneff
https://blogs.csc.com/2016/01/18/lastpass-mitigates-phishing-flaw-in-its-password-management-software/
======
tghw
Seems like they really need a token for the user to identify that it's really
LastPass. Something like an image, like some banks do, would work well.

