| ▲ | cataflam 4 days ago | |
> There is NO reliable indicators Completely agree. The only reliable way is to never use an email/SMS link to login, ever. | ||
| ▲ | hunter2_ 3 days ago | parent [-] | |
Or go ahead and use them, but abort if your password manager doesn't auto fill. Such abort scenarios include not only a password field without auto fill, but also a total lack of password field (e.g., sites that offer OTP-only authentication), since either way you don't have your password manager vetting the domain. | ||