15Eki
What stops malicious code spoofing a Ctrl+Alt+Del login form by allowing only part of the phrase?
According to this answer from a question:
when you press Ctrl+Alt+Del, you can be sure that you're typing your password in the real login form and not some other fake process trying to steal your password.
But let’s say an attacker clones an identical login page on Windows, where ‘Ctrl+Alt+Del is required’.
The malicious code allows either Ctrl+Alt or Alt+Del, so when a victim presses Ctrl+Alt+Del, and it works, the victim assumes it is legitimate, so they enter their password.
Am I missing something fundamental about how this system works, and is this scenario possible?
