Hacker News new | past | comments | ask | show | jobs | submit login

This is nothing new. Once XSS has been exploited the users are already pwned regardless of password policy.



>This is nothing new. Once XSS has been exploited the users are already pwned regardless of password policy.

stealing password >> XSS.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: