RSA conference site sends an ajax request per keystroke when entering password (zyan.scripts.mit.edu) 11 points by arctangos 12y ago ↗ HN
[–] josephlord 12y ago ↗ Probably the strong/weak indicator. Maybe it should be done client side in javascript. It might be possible to narrow the range of likely passwords by analysing the timings of the requests.
1 comment
[ 27.7 ms ] story [ 772 ms ] thread