or, without the tact (at least as I understood it) displayed by Joost
: re "faking...."
OK, I can think of legit reasons but I can also think of lots of blackhattery, chapeau-noir, etc for which this information might be potentially used.
update Fletch and Joost make valid points below. Guess that all that's left in defense (and it needs it) of this observation is my belief that many||most web aps are VERY poorly secured. So while I agree with Fletch's assessment of blame, I don't think that's the end of the chain of victims -- clueless users, like my Grandparent or yours, wanna-be-webmasters who haven't had the exposure to the school of hardknocks that some||many monks have endured (and profitted from) and so on... ie, the very folk to whom Joost 's phrase --- "good security measures..." --- is a complete mystery.