Password stealing is about to become simpler...

Just read on Nicholaz's blog about the upcoming change to the way authentication is done in SL.

Let's put it short and simple: implementing it this way in the context of SL would be the most serious mistake, if the goal was to improve security.

D'oh... I'm speechless.