Proposal for a new web browser security feature (against phishing)

2005/05/29 - This text was posted to the KDE wishlist (but turned out not to be new) https://bugs.kde.org/show_bug.cgi?id=106465

I think it could be a very effective way to prevent phishing if Konqueror detected the credentials which the user is typing in. This should be no problem at all for those credentials which are stored in Konqueror/kdewallet anyway, but it could be offered without this store feature, too (storing hashes of the complete data or of the first part only).

Whenever a match is detected but the current URL is not one of those known for these credentials, Konqueror should inform the user about this problem and ask if he really wants to continue (and, if so, add the URL to the white list).

I don't know how Java applets are handled. If the browser containing them does not control their input, then Java applets would be a way to circumvent this kind of protection. But anyway this would make phishing attacks more difficult.

This feature should ignore focus changes for input fields because otherwise the credentials could be spread over several fields to avoid detection (changing the active field by JavaScript to prevent the user from noticing this).
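
A small model of the proposed check, added here as an illustration and not taken from Konqueror or the original post: it stores only a keyed hash of each credential, matches the trailing keystrokes of a page against those hashes regardless of which input field has focus, and reports a match when the origin is not on the white list. The class and function names, the use of HMAC-SHA256, and the sample origins and password are assumptions.

```python
import hashlib
import hmac
import os


class CredentialGuard:
    """Hypothetical model: warn when a known secret is typed on an unknown origin."""

    def __init__(self, key=None):
        self.key = key or os.urandom(32)  # per-profile HMAC key (assumption)
        self.known = {}                   # digest -> (length, allowed origins)
        self.typed = {}                   # page id -> recent keystrokes on that page

    def _digest(self, text):
        return hmac.new(self.key, text.encode("utf-8"), hashlib.sha256).digest()

    def remember(self, secret, origin):
        """Store only a keyed hash of the secret, plus the origin it belongs to."""
        _, origins = self.known.setdefault(self._digest(secret), (len(secret), set()))
        origins.add(origin)

    def allow(self, digest, origin):
        """The user confirmed the warning: add the origin to the white list."""
        self.known[digest][1].add(origin)

    def on_key(self, page, origin, field, char):
        """Feed one keystroke; return the matching digest if a warning is due."""
        # `field` is deliberately ignored: the buffer is per page, so a secret
        # spread over several inputs by scripted focus changes still matches.
        buf = self.typed.get(page, "") + char
        longest = max((n for n, _ in self.known.values()), default=0)
        self.typed[page] = buf = buf[-longest:] if longest else ""
        for digest, (length, origins) in self.known.items():
            if len(buf) >= length and origin not in origins:
                if hmac.compare_digest(self._digest(buf[-length:]), digest):
                    return digest
        return None


def type_text(guard, page, origin, fields):
    """Simulate typing a list of (field name, text) pairs; collect warnings."""
    hits = []
    for field, text in fields:
        for ch in text:
            hit = guard.on_key(page, origin, field, ch)
            if hit:
                hits.append(hit)
    return hits
```

Because passwords are short, the stored hashes can be guessed offline by anyone who obtains both the hash store and the key, so the store needs the same protection as a password wallet.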