Comment on This is why we have two-factor authentication.
diabetic_porcupine@lemmy.world 22 hours agoYou can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password
Anivia@feddit.org 11 hours ago
Only if the user ignores the “unsafe connection” warning in the browser, since you won’t have an SSL certificate for the domain
diabetic_porcupine@lemmy.world 6 hours ago
Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?