Passwords transmitted as plain text (community.nodebb.org)
-
Hey guys,
I see that this forum's login page is using http, so passwords are going over the wire plain text....
Can you host this on https (and use a security cert) and do 301 redirects for http so passwords are transmitted in a secure fashion?
I'd hazard to guess that more than a few people who use this forum re-use passwords......
-
-
Haha @julian promises not to eat lunch until wednesday, and we'll get that cert.
-
@psychobunny Cant you just self sign one until you can buy one?
-
So you just have to pass a spoon of caviar next lunch
-
Or you could use StartSSL only for community.nodebb.org, but not sure if that would fall under their "no-commercial" policy.
-
Yeah, SSLs.com, which used to be cheapSSLs.com. In my opinion, you do get the same cert for a much lower price, so I didn't see any reason not to go with 'em.
We're looking to introduce SSL support as an add-on for our premium hosting packages (bundled with village & city, extra for hamlets)