I'm sure I posted something along these lines on here before but I can't find the thread - so may be I didn't! :-D
The lack of https protection for the log in and general site usage seems to be making the users of this forum vulnerable. I'm not a website expert, but assume there is reason behind firefox warning me that logins to this site are not secure. My understanding is the passwords used at the login stage are vulnerable, and in turn if you use similar passwords for multiples sites then the problem multiplies.
Is there a plan in place to up grading this site to https?
Don't use the same password on every site. Thats insecure right off the start. Plus you assuming, if the system used https encryption (which would involve purchasing a signed ssl certificate) and that if the site ever got hacked your login/password information would be safe, which it wouldn't be.
I did say similar! No need to state the obvious regarding passwords here. A well designed site will not store passwords in clear text. Yes, the encryption is fallible, but not as vulnerable as shouting out your pin code as you type it in at the cash point! We're all likely to have passwords for at least one bank account, multiple social sites, forums, and business log ons. Unless you are randomising your passwords (and so making them very easy to forget) then it's likely there are patterns in the way your passwords are generated even if they are subconscious. Likewise if you do randomise them there is a good chance you've written them down or stored them somewhere, making that a risk too.
When you login with http the password is sent in clear text and and can be intercepted at many points along the communication. Would you be happy using this site with no password at the login stage? This is effectively what any site is doing without https.
I was going to link to a thread on a Land Rover forum of them tackling this exact issue, but as it's it now all https you can't see nowt on protected pages without a log in!
Edited 2 time(s). Last edit at 09/07/2017 01:41AM by WesBrooks.