I think this repo exists for ironic purposes. It does recommend not to use such a system to check passwords.
I think it serves as a warning that any site could do this, so be careful. Furthermore (and more evil) is to record all user input into forms using Javascript so if you mistakenly enter another site's password and then realize your error - they have it anyway.
I think it serves as a warning that any site could do this, so be careful. Furthermore (and more evil) is to record all user input into forms using Javascript so if you mistakenly enter another site's password and then realize your error - they have it anyway.
Caveat Surfor