Hacker Newsnew | comments | show | ask | jobs | submitlogin

I don't think either would help in this situation. HSTS helps prevent SSL stripping attacks, which whoever is denying SSL access to GitHub doesn't need to bother with.

2FA serves as an annoyance to phishers, but whoever is doing this network attack has direct access to your session cookie.




Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: