by bentlegen 4824 days ago
Iframes are easily spoofable. I can generate an iframe, style it exactly like your authentication page, and trick users into entering their username/password into my phony form.

This is why mature platforms use dedicated windows for logging in (Facebook, Twitter, Disqus). I'd recommend you consider making this change.