It’s surprisingly difficult to know whether an email you’ve received is trustworthy. Why is this so hard? Well, you can’t trust the sender name. You can’t trust the email’s aesthetics. And you can’t trust the copy. To be safe, you need to verify the sender’s domain name and the domain of all outgoing links. definitely Put yourself in the shoes of a random user and try to decipher “efax.hosting.com.mailru.co” or “drive.google.com.download-photo.net”. It’s unreasonable to expect the average user to be on high alert every time they open their inbox, so let’s find a better way. Using color The fundamental problem is that the information you need to determine whether an email is safe is 1) hard to find and 2) hard to understand. In a perfect world, this information would be 1) easy to skim and 2) impossible to misread. There are a handful of ways to verify you’re talking with the right person. You can verify 1) something they are (biometrics), 2) something they have (2FA codes), or 3) something they know (passwords). It’s not immediately clear how we might associate emails with senders’ biometrics or 2FA codes, but we can definitely work off the idea of an “email password”. We provide websites with passwords to verify who we are all the time. What if websites needed to provide a password so that we could verify who they were? And what if these passwords weren’t complicated strings but rather easy-to-skim colors? us https://github.com/turbomaze/colorful-phish Imagine this: the moment you created a password for a website, they created one to use with you. In your welcome email, they told you what this password was: a specific color, unique to your account. From that moment forward, you could rest easy knowing that if an email didn’t contain that exact color, then you were getting phished. Here’s an example of what one of these welcome emails might look like: And we’re done. Colors are simple to implement, easy to skim, and impossible to misunderstand. Check out for a Node.js implementation that will help you eliminate phishing on your site with 3 lines of code. colorful-phish on GitHub If you have any thoughts or want to riff on related ideas, you can find me on Twitter at . https://twitter.com/@imigliu

Google

How Color Can Prevent Your Users from Getting Phished

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Facebook Privacy: Lessons Learned from Congress’s 2000+ Follow-up Questions

10 Web Development Boosting Node.js Libraries and Frameworks

100+ FREE Resources to Learn Full Stack Web Development

10 Top Advantages of Node.js in eCommerce Industry

JavaScript Frameworks for Frontend and Backend Developers [Top Ten Picks]

12 JavaScript Concepts That Will Level Up Your Development Skills

Facebook Privacy: Lessons Learned from Congress’s 2000+ Follow-up Questions

10 Web Development Boosting Node.js Libraries and Frameworks

100+ FREE Resources to Learn Full Stack Web Development

10 Top Advantages of Node.js in eCommerce Industry

JavaScript Frameworks for Frontend and Backend Developers [Top Ten Picks]

12 JavaScript Concepts That Will Level Up Your Development Skills

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps