A popular forum like this that has one of the best login systems I have ever seen should at least have an encypted login as a minimum security percausion. I am aiming for a full https://d2jsp.org though!



More information:

https://secure.wikimedia.org/wikipedia/en/wiki/HTTP_Secure

http://en.wikipedia.org/wiki/HTTP_Secure

Popular websites like Google, Facebook and even Wikipedia have adopted a more secure connection.

Google: https://encrypted.google.com

Facebook: https://www.facebook.com/

Wikipedia: https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page

Bump

completely agree. I am a web designer. It is very important to have a secure website for its users considering that this website has a small but decent traffic, alot of links provided on the internet, and money involved going into fg? this website needs to be more secure and trusted for its users to safely access it from many internet hotspots and networks around the world. You never know when the person next to you happens to know how to hack and crack into networks and computers. This is just one small step toward an already awesome, but hopefully better community.

I don't see why this is necessary for this site. HTTPS will encrypt the data between the site and the server, none of which is personal info, credit cards, etc........

This would in no way protect people from phishing, keyloggers, etc which are the only threat on this site.

Probably This.

Yes, would allow anyone to log on anywhere without being scared about security.

Anyway, people shouldnt because of IP tracking for scammers/multis (IMO).

oh wait...



forgot about keyloggers, yep, you are right...

This post was edited by Icewind on Mar 14 2011 09:20am

by adopting this more secure contemporary protocol, it won't leave us any more vulnerable than we already are

great idea, and paul should hop on the https wagon sooner than later

yes from me

Exactly this, my roommates (All 3 of them computer nerds) regularly use programs like Firesheep, Wireshark and other analysis programs including the pen testing OS backtrack 4 which forces me to have to work through a VPN just to avoid their deviance. On topic though, HTTPS is a basic protection against packet sniffers and analyzers, also prevents sessions from being hijacked. It is a like a microwave but for the internet, super convenient and I personally don't want to go without it.

Packet analyzers are like network keyloggers, which an encrypted connection confuses very easily. The best way to prevent phishing is to have an up to date web browser that displays if you are on a secure connection or on a site with a clean record, much like Opera.

Software/Hardware keyloggers and phishing aren't a solution that HTTPS is meant to solve so I am not sure why they were brought up other than to patronize what it can't do. That is okay though, additional security can never hurt!

Very good input. I was just stating that phishing/keylogging probably accounts for 99% of the security issues this site faces. A lot of people think HTTPS means you are protected by anything which it does not.

HTTPS means one less security threat to worry about and really does increase the overall integrity of the site.