(Indeed, it might be a good idea for the browser password dialogue to require you to type in the domain name of the site, if it's one you haven't authenticated to before.)
Using an ordinary HTML form for username-password authentication looks prettier, but I feel it makes spoofing attacks much harder to prevent.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds