-
Notifications
You must be signed in to change notification settings - Fork 273
Closed
Labels
enhancementNew feature or enhancement to existing functionalityNew feature or enhancement to existing functionalitypriority:highItems of high importance. Applicable to all users or use-casesItems of high importance. Applicable to all users or use-cases
Description
On first start you have to login to you GitHub account.
But the login comes not from the standard browser.
https://prnt.sc/8HUPdBzRjiqs
So I do not know from where the page is, looking like GitHub login, nor where the data is sent.
Any fraudulent app uses such data scam page.
I have to entrust my highly sensitive credentials to an unknown/untrusted third-party application? This is not acceptable. (and also not necessary)
Solution:
Open the GitHub authentication request in the default browser. In the trusted default browser, you are already logged in, so no transfer of personal credentials is usually required. This ensures that no third-party application knows the credentials.
steebchen, florianmutter and MTCosterjamesdh and Canopix
Metadata
Metadata
Assignees
Labels
enhancementNew feature or enhancement to existing functionalityNew feature or enhancement to existing functionalitypriority:highItems of high importance. Applicable to all users or use-casesItems of high importance. Applicable to all users or use-cases