Totally useless, studies show that user just don't look or care. This after all the effort put into this.
The solution is new authentication that takes into account the domain.
This is exactly what has been done in the new FIDO standards, UAF and U2F. If you use U2F as a second factor on google, dropbox or github phishing is already a problem of the past.
These standards have now been given to the w3c and they are working on a further standard based on the fido ones.
Totally useless, studies show that user just don't look or care. This after all the effort put into this.
The solution is new authentication that takes into account the domain.
This is exactly what has been done in the new FIDO standards, UAF and U2F. If you use U2F as a second factor on google, dropbox or github phishing is already a problem of the past.
These standards have now been given to the w3c and they are working on a further standard based on the fido ones.
https://fidoalliance.org/specifications/overview/