Jump to content

Secure login

Wirholt

By Wirholt
in Website

Followers 1

Recommended Posts

Wirholt

Wirholt

Posted
Posted

I start the home page of this forum with the link http://forums.Groundspeak.com/GC/. Then in the upper-right corner I click "Sign in" to enter my credentials. Recently, I discovered, that the login page is still using http, not https. This means that my password goes as uncoded plain text over the network. Anybody listening on the network can easily read my credentials in this way. I am not worried about my home network, but I often use public network. Why not offering a more secure way to sign in? SSL, what is used in https, is no longer a very advanced technology. For geocaching.com this is used already. Why not for the forum sign-in page?

Link to comment
UMainah

+UMainah

Posted
Posted

The forum is provided by a third party. I'm not a geen-e-us when it comes to this, but doesn't that mean it's beyond Groundspeak's control? Or is that just the forum's inner workings?

 

The forum itself is provided and controlled by Groundspeak. The forum software (IP.Board) is developed by a third-party. This software does support https/SSL login. Groundspeak has not enabled it though.

Link to comment
Dgwphotos

+Dgwphotos

Posted
Posted

I start the home page of this forum with the link http://forums.Groundspeak.com/GC/. Then in the upper-right corner I click "Sign in" to enter my credentials. Recently, I discovered, that the login page is still using http, not https. This means that my password goes as uncoded plain text over the network. Anybody listening on the network can easily read my credentials in this way. I am not worried about my home network, but I often use public network. Why not offering a more secure way to sign in? SSL, what is used in https, is no longer a very advanced technology. For geocaching.com this is used already. Why not for the forum sign-in page?

It does cost money to get a trusted root certificate.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Followers 1
Go to topic listing
×
×
  • Create New...