|
|
|
|
|
|
by dsp1234
3437 days ago
|
|
|
The point was for the browser to warn the end user about password re-use. The browser doesn't need javascript to see the contents of a password field, or to show an indicator in the browser's chrome. It's the browser. If you salt the password with the url, all you've done is made a unique password per website which is what you were supposed to be doing anyway. Note that browsers can already store password lists (ex: Chrome settings, search manage passwords). There would just be an extra step to compare those passwords together. |
|
|