Such an exploit could be in place on countless sites you visit daily, with no one the wiser. Further, aside from technical competence, why does anyone trust PoF? Why do they trust any site to not only technically handle their password correctly, but to not subvert it for their own purposes?
I see that my post above got moderated down. People want to lazily, and sloppily, reuse passwords everywhere. It's ignorant. The world would be better if we got rid of this ruse that sites hashing passwords themselves offers any reasonable protection. It leaves the barn door open.
I see that my post above got moderated down. People want to lazily, and sloppily, reuse passwords everywhere. It's ignorant. The world would be better if we got rid of this ruse that sites hashing passwords themselves offers any reasonable protection. It leaves the barn door open.