Plain text creds

Discussion in 'Site Feedback and Support' started by fatkid1974, Apr 1, 2017.

  1. fatkid1974

    fatkid1974 Well-Known Member

    Apr 3, 2010
    1,265
    59
    48
    network technician
    van down by the river
    I was stumbling through some forums this morning and noticed I needed to log in. Got brought to the login page, entered my credentials, and got a warning that I was logging in to a non secure site. I do understand that we don't pay anything for perusing this fine website, but could you possible do an auto redirect to https://... for at least the login page. I know your paying for an ssl cert, all I did was throw an 's' in the browser to make it https and it redirected to the exact same page and I was able to login without my credentials being sent in plain text. Thanks!
     
    • Agree Agree x 1
  2. Pat

    Pat Active Member

    Oct 20, 2011
    316
    55
    28
    You know, I'll second this. It should be a 3 minute fix in your CMS to set up a 301 redirect to https. On one hand, Fanatic getting hacked is pretty low stakes. On the other, I *guarantee* that more than one user has the same credentials for their email and bank accounts.
     
    • Like Like x 1
  3. fatkid1974

    fatkid1974 Well-Known Member

    Apr 3, 2010
    1,265
    59
    48
    network technician
    van down by the river
     

Share This Page