|
|
|
|
|
|
by sdfjkl
4771 days ago
|
|
|
Those are already solved by using CSRF tokens and escaping all the things. Still no reason to bother users with additional password prompts, which come with a number of risks of their own, not least of all causing users to use weaker or shared passwords because they have to enter them all the bloody time. |
|
|