Plain text creds

Discussion in 'Site Feedback and Support' started by fatkid1974, Apr 1, 2017.

  1. fatkid1974

    fatkid1974 Well-Known Member

    Apr 3, 2010
    1,285
    68
    48
    network technician
    van down by the river
    Ratings:
    +72 / 0 / -0
    I was stumbling through some forums this morning and noticed I needed to log in. Got brought to the login page, entered my credentials, and got a warning that I was logging in to a non secure site. I do understand that we don't pay anything for perusing this fine website, but could you possible do an auto redirect to https://... for at least the login page. I know your paying for an ssl cert, all I did was throw an 's' in the browser to make it https and it redirected to the exact same page and I was able to login without my credentials being sent in plain text. Thanks!
     
    • Agree Agree x 1
  2. Pat

    Pat Active Member

    Oct 20, 2011
    408
    105
    43
    Ratings:
    +372 / 15 / -0
    You know, I'll second this. It should be a 3 minute fix in your CMS to set up a 301 redirect to https. On one hand, Fanatic getting hacked is pretty low stakes. On the other, I *guarantee* that more than one user has the same credentials for their email and bank accounts.
     
    • Like Like x 1
  3. fatkid1974

    fatkid1974 Well-Known Member

    Apr 3, 2010
    1,285
    68
    48
    network technician
    van down by the river
    Ratings:
    +72 / 0 / -0
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.