Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
ascorbic
10mo ago
0 comments
Save
Share
The evil site usually says something like "enter the code from our identity partner x" or something, which is a lot more believable when it's a service like Microsoft that
does
provide services like that.
0 comments
3 comments · 1 top-level
top
newest
oldest
gethly
10mo ago
· 2 in thread
That is not how oAuth works.
ascorbic
OP
10mo ago
That's the point: this isn't OAuth. It's just a way to phish the code.
gethly
10mo ago
If it is not oAuth, where does Microsoft come from then?
j
/
k
navigate · click thread line to collapse
