Why aren't logins operated over SSL?
Results 1 to 4 of 4

Thread: Why aren't logins operated over SSL?

  1. #1
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914

    Why aren't logins operated over SSL?

    Hey Hey,

    Since this was already brought up once and closed by you know who, I figured I'd bring it up again... If he wants to close it, I'll open it...

    Anyways... AO is a security site... and it's populated by many students and large company employees who access this site from LANs... with programs like ethercap even switching doesn't protect you against sniffing...so why does AO allow unencrypted logins... considering how easy it is to setup SSL and run a site over it, why are the logins not run over it..

    I think it is something that JupM should look into implementing... both for user safety and because it looks bad to see a security website that isn't properly secured..

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    It can still be done

    https://forum.cs.umd.edu/index.php?
    https://trillian.cc/forums/misc.php?s=&action=faq

    You can find plenty more at:

    http://www.google.com/search?q=vBull...LG:en&filter=0

    It just means that all the pages have to be on the SSL side... put Images = nonSSL, pages = SSL

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    SSL means more bandwidth and server load, that's why the whole Internets doesn't use it all the time. I really wouldn't care that much if my AO account was haxxored, it's not exactly valuable.
    \"Some say they go looking for Drugs, Dirty Dancing and Pounding, Pounding Techno Music.\"
    *ahem* contact me

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •