Originally Posted by
KenF
...
Standard advice in these situations is to intentionally get your password WRONG if you have any concerns. Possibly even use an intentionally wrong FF number. Any website that will log you in with known wrong credentials has to be bogus, as only the real website actually knows what your credentials are to say they are wrong. I fear many of us would be well advised to get into the habit of doing this when using PCs that we don't trust inherently.....
Originally Posted by
ooodaveb
If a key logger in installed on your machine, everything will seem to work fine, execpt everything you type will be logged and transmitted to the maker of such malware.
If it's just a fake website then it'll probably let you in no matter what you typed, more likely do nothing at all after you hit submit.
This advice is really not very good. Any decent hacker's fake website will pass on whatever you type to the real one and display whatever the real site would display; all the while logging your userid and password. Hackers don't want to do anything that will alert you to their activity and they are very, very clever.