| ▲ | hombre_fatal 4 days ago | |
What's crazy is that it trains users to trust a component that can be faked by the website. You can mimic the component and then redirect the button anywhere, and the user is primed to comply with whatever they see. Like a fake "Actually it seems like your Google account is compromised. Please verify that it's you by doing X." This kind of shit-tier feature should at the very least appear inside the browser chrome, not inset in/over the website. I'm so tired of amateur slop from megacorps that should know better. | ||
| ▲ | nikisweeting 4 days ago | parent [-] | |
100% the implementation is setting a terrible precedent to trust non-browser-native-looking UI for whats supposed to be a browser-level feature. | ||