Hacker News new | comments | show | ask | jobs | submit login

This is completely terrifying.

You don't know who Clixpy is. You put this on your site, a user types in their password and so far we just have their word that they are not recording it - has anyone looked closely at the JS?

Yes, but that's true of any widget/Javascript you include. Why is this particularly scary?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact