I can't believe anyone would put their Amazon password into a third-party site. I clicked on the link, started through the login funnel, realized what I was about to do, and stopped.
When I got the "Are you sure?" message, I started thinking that the site was specifically crafted to show how easy it is to get people to give passwords to a "reputable-looking" third party.
I expected to get some sort of congratulatory message after saying no, like "You're smart enough to not give us your password!" When I didn't get that, I came back to the HN comments, expecting to see an explanation from OP about this proof of concept.
Then I see it's supposed to be a real site. Well then.
When I got the "Are you sure?" message, I started thinking that the site was specifically crafted to show how easy it is to get people to give passwords to a "reputable-looking" third party.
I expected to get some sort of congratulatory message after saying no, like "You're smart enough to not give us your password!" When I didn't get that, I came back to the HN comments, expecting to see an explanation from OP about this proof of concept.
Then I see it's supposed to be a real site. Well then.