HTTP authentication logout/stop phishing
Here’s an idea. When someone finally gets around to implementing logout/etc. functionality in HTTP authentication, why not put the username in a little box at the right of the address bar, like where the lock is for secure sites? Not only would this be nice and usable, but it would also help stop phishing attacks of the form http://www.examplebank.com@evilsite.net/, since the username part, www.examplebank.com, would be moved away from the normal address and be visually distinct.
Edit: posted this on my website, with a nice, pretty mock-up.
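The separation proposed above, sketched as an added example that is not part of the original post: it uses the standard WHATWG URL parser (browsers and Node.js) to pull the username out of the address and to flag usernames that look like hostnames. The function names, the result fields and the hostname-like heuristic are assumptions made for illustration.

```javascript
// Added example: split a URL into the address to show in the bar and the
// username to show in a separate box, as the post suggests.

// Assumed heuristic: a username shaped like a DNS name (labels + TLD).
const HOSTNAME_LIKE = /^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$/i;

// The parser leaves percent-escapes in the username; decode them for
// display, falling back to the raw text if an escape is malformed.
function safeDecode(text) {
  try {
    return decodeURIComponent(text);
  } catch (e) {
    return text;
  }
}

function splitForDisplay(rawUrl) {
  const parsed = new URL(rawUrl);
  const username = safeDecode(parsed.username);

  // Address-bar text: the same URL with the credentials removed.
  const shown = new URL(parsed.href);
  shown.username = '';
  shown.password = '';

  return {
    host: parsed.hostname,          // where the request really goes
    address: shown.href,            // goes in the normal address field
    username: username || null,     // goes in the separate box
    hostnameLikeUsername: HOSTNAME_LIKE.test(username),
  };
}

// Constructed sample inputs (the first is the URL from the post).
const samples = [
  'http://www.examplebank.com@evilsite.net/',
  'http://alice@www.examplebank.com/account',
  'https://www.examplebank.com/',
];
for (const s of samples) {
  console.log(s, '->', JSON.stringify(splitForDisplay(s)));
}
```
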