1

https Support (Read 500 times)

steferfootballdu


    I apologise if this has been discussed before. If it has, consider this a public service announcement. I've done a search, but searching "https" or "http secure" just brings up a bunch of URLs people have posted.

     

    While I no longer do this, many people have a single password for all the Internet services they use. Anything from online banking (I had a bank that used to have passwords, I think they have since changed though), to email accounts, and message forums like running ahead.

     

    So I was just wondering, why RA doesn't  use it when entering passwords? TBH, I don't particularly care if someone eavesdrops and changes my account information here (I probably wouldn't be thrilled though), however it is possible to rebel rouse elsewhere using knowledge that is found here - which could be particullarly harmful if a user hasn't used a set of good passwords.

     

    I believe trustworthy certificates can be acquired for free and to my knowledge (albeit limited) aren't that hard to implement. Perhaps some issue with scalability? Am I overly paranoid?

     

    Thanks for any responses,

     

    steferfootballdu

      You can log in using https if you click on the Login link on the top right of the page. So Eric definitely has a certificate installed. However the Home page, with a login form, does not use https.

      Geoff

        RA has been using SSL to protect pages with passwords for quite some time now.  It's not publicized because it does not alter user actions.  Although the home page is not using HTTPS, the data is encrypted when you submit it to the server.

        steferfootballdu


          Alright, thanks for the clarification. Smile