[matthewbadeau]

This is supposed to prevent keylogging.. but I think anything with that amount of access to your PC can tap into the browser to read the request before it's sent. So, probably not as good as it sounds.

[Cthulhu_]

It would prevent physical keyloggers (small dongles in between keyboard and computer) and possibly even RF keylogging, but yeah, it's a false sense of security.

[ytch]

Yes, and it may also screenshoting the pixels around where mouse clicks, so I don't think it can prevent keylooger. OTP is better solution.