Talk:SiteKey

Effectiveness
How does this protect people from phishing in any way? All a phisher needs to do to "authenticate" himself as the website that the user things he is going to is the user's username. Once this phisher has this, the phisher can get the user's image + phrase, allowing the phisher to continue impersonating the website the user thinks he is visiting. The phisher can easily obtain the username exactly the same way as a conventional phishing attack. 98.203.235.111 (talk) 19:36, 28 November 2010 (UTC)