Secure Login to the Forum

I am wondering why isn’t the forum login is secured via SSL?

I am wondering why it would need to be?

Simply, in order to prevent plain text exchange of username / password across the internet. :slight_smile:

My guess would be simply, it’s encrypted when sent. :wink:

Paul

Thanks for your reply. I just hope that such encryption is quite enough. Actually, I used to think that exchanging username / password across the Internet should always be through secured channels. Maybe Web email services are good examples for that.

You are welcome,
I would find it highly unlikely that Comodo would use plain text for user login, encryption is a good method (while I can’t say for sure that’s what they use, my guess though) and Web mail does use safer methods unlike POP3, etc…who do use plain text. I would doubt a security site dedicated to pc security would use such a method as plain text. Kind of defeat the purpose, lol. :wink:

Paul

That sounds great! :smiley:

Hi all,

It seems that the forums currently supports an optional secure login. Here is the URL. :slight_smile: You may have noticed the padlock icon placed next to the “Register” / “Logout” button of the forum-wide main toolbar (snapshot is attached). Thanks everybody for considering that option. :wink:

P.S. I wish it might be nice if the secure login becomes the default. Let’s see what will happen in the future. ;D

Thanks.

Oops! :-X I forgot to attach the snapshot. Anyway, here it is attached to this post. :slight_smile:

[attachment deleted by admin]

I think you’re the first user to notice the little white padlock… well to mention it anyway. But, then again… it is what you were asking for. Yep, the little white padlock toggles between HTTP & HTTPS. Cool huh?

HTTPS by default? I’m not certain about that. You’ll need to wait until what Nick (Forum Admin & not just in title;)) thinks about it. Nick’s the guy who added the feature.

That’s pretty cool. Yeah, I had seen the padlock (unlocked) but hadn’t paid much attention to it. Neat-o. :slight_smile:

But if I understand internet security issues correctly, even if it’s encrypted when sent, but originates on an unencrypted page, then the black hats can use their little nasty proggies and mouse over (the cached page or whatever) to get the data. Which can even happen on an encrypted page, maybe, as well? That’s one of the things i-Vault is supposed to address, right? (except it’s not FF compatible, yet) Using something like KeyScrambler should help w/the security of your typing, shouldn’t it?

Is all this true, or am I smokin’ ■■■■■? (:NRD)

LM

I agree with the latter. ;D :smiley:

Paul

But of course you do… (:TNG)