Because the main login is HTTPS-secure (I would hope - for a bank), but the chan... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sdrapkin on June 16, 2015 \| parent \| context \| favorite \| on: KeePass – questionable security Because the main login is HTTPS-secure (I would hope - for a bank), but the change-password feature is not.

stavros on June 16, 2015 [–]

Oh, you mean the account recovery page, not one that requires the old password to change to a new one. I see.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact