Measuring and predicting web login safety

@inproceedings{Wang2011MeasuringAP,
  title={Measuring and predicting web login safety},
  author={Xiao Sophia Wang and David R. Choffnes and Patrick Gage Kelley and Ben Greenstein and David Wetherall},
  booktitle={W-MUST@SIGCOMM},
  year={2011}
}
Users increasingly entrust websites with their personal and sensitive information. Sites commonly protect this information using user-supplied credentials (i.e., logins). We conducted a measurement study of top websites and surprisingly found that they transmit these credentials in the clear, thus leaving them vulnerable to eavesdropping. To make matters worse, users are often unaware of this threat because sites and browsers reflect little information about how logins are handled. As a first… CONTINUE READING