Oddbean new post about login | logout @767a86d3 Fix a serious problem in Session. It's about "passphrase". If an attacker manages to get hold of the victim's phone and copy the "passphrase", he will be able to log into the victim's account very easily. And the victim will not know about it. This is a serious problem and some people refuse to use Session precisely because of this problem.