Jeff Atwood wrote in 2007:
We’re teaching users that their credentials are of little value and should be freely handed out to any passing website that catches their fancy. It’s an incredibly dangerous habit to inculcate in users; it makes them far more vulnerable to phishing:
If users get comfortable with entering their credentials in all sorts of random places then it makes them more susceptible to phishing attacks. This is one of the reasons services like Meebo are worrying to me.
So an actual news. That’s why I’m using 1password and I’ve completely1 turned off cookies on my browser.
I had to keep them on just for the current session for few sites that don’t even work with them off (Google, Facebook -wonder why- and Read Later bookmarks). ↩