Comment by carra
2 days ago
I don't get why asking for a password multiple times is perceived as more secure. It's the same password. If an attacker was able to find it and input it once, surely they can do it multiple times too...
2 days ago
I don't get why asking for a password multiple times is perceived as more secure. It's the same password. If an attacker was able to find it and input it once, surely they can do it multiple times too...
It's not about asking for the password, it's about expiring sessions frequently. Nobody is going to steal sessions, of course, but the cargo cult security remains.