Open Side Menu Go to the Top
FAQ Today's Posts Search Twitter Discord
Register
Forum Leaks Passwords (X-Post) Forum Leaks Passwords (X-Post)
Post Reply Subscribe
...
07-23-2017 , 03:01 PM
#1
Czech_Razor
View Profile Send Message Find Posts By Czech_Razor Find Threads By Czech_Razor
centurion
Join Date: Sep 2003 Posts: 117
Cross-posting thinking that technical folk may be able to help plug the leak.

It looks to me as though the forum transmits username / passwords in plaintext.

http://forumserver.twoplustwo.com/55.../#post52589333
Forum Leaks Passwords (X-Post) Quote
07-23-2017 , 08:15 PM
#2
AllCowsEatGrass
View Profile Find Posts By AllCowsEatGrass Find Threads By AllCowsEatGrass
banned
Join Date: Mar 2017 Posts: 1,839
Quote:
Originally Posted by AllCowsEatGrass
Your web browser is just warning you that the login page is not using SSL/TLS encryption, meaning when you click 'login', your data is sent in plain text over the wire.

If someone were conducting a man in the middle attack against you while you were logging in, they'd be able to get your username and password. Likewise, your ISP could easily get your username and password if they wanted to.

Web browsers have started displaying these warnings, which I think is a really good thing. Hopefully it will force sites that haven't even implemented SSL/TLS on login pages to start to implement encryption.

Yo twoplustwo, EFF's let's encrypt is free. Free certs backed by the Electronic Frontier Foundation. Dead simple to setup.
https://letsencrypt.org/
.
Forum Leaks Passwords (X-Post) Quote
Post Reply Subscribe
...
      
Feedback is used for internal purposes. LEARN MORE
Contact Us Privacy Statement TOS
Top
Powered by:  Hand2Note
Copyright ©2008-2022, Hand2Note Interactive LTD
m