| Index | Recent Threads | Unanswered Threads | Who's Active | Guidelines | Search |
 |
World Community Grid Forums
Category: Support
Forum: Suggestions / Feedback
Thread: Please secure the web site login |
| No member browsing this thread |
|
Thread Status: Active Total posts in this thread: 12
|
|
| Author |
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
I can't believe you're asking for login information and personal information to be submitted without encrypting it.
 |
||
|
|
USA
Advanced Cruncher Joined: Nov 22, 2004 Post Count: 107 Status: Offline |
Paranoid for a good reason, This is the internet.......
----------------------------------------It's secured after login sent Right? Hello the login page? 1. No "https://" (Note The 's' in https stands for secure) 2. No "little Lock" in the my web Browser's Status Bar (In IE click view then put a (click) check mark by status bar) 3. I've read over and over to make sure pages are secure before you enter ANY personal info.... 4. Here is an example of a secure login page with full encryption..... https://secure.newegg.com/app/Logon.asp?loginType=Logon Look its not a big deal. If you used your Bank log in code, just change it! Robert [Edit 2 times, last edit by USA at Nov 27, 2004 5:41:47 AM] |
|||
|
||||
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
I can't believe you're asking for login information and personal information to be submitted without encrypting it. What.. when you signed up.. you used your real information???? Hmmmm.... theres something wrong with your logic... one should never ever give real informaiton here.. and they should sit behind a router and firewall that allows for the IP to be mangled before tossing it to the server... like mine does!!  |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Dont you think that there is enough distain brewing within this project due to bad work units, cpu overheating worries, lack of Admin feedback and communication, etc, without the above posts causing more paronia
Lets get with the program and try to be a little more enthusiastic and helpful by giving positive advice to those members with problems instead of looking for opportunities to be pedantic |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
This place is starting to sound like the old FIDO Net garbage...
|
|||
|
||||
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
This place is starting to sound like the old FIDO Net garbage...
|
|||
|
||||
|
Alther
Former World Community Grid Tech United States of America Joined: Sep 30, 2004 Post Count: 414 Status: Offline Project Badges: 
|
I can't believe you're asking for login information and personal information to be submitted without encrypting it. How did you (and everyone else who agreed with you) come to this conclusion? The login page information and ALL member area pages all sent via HTTPS and are indeed encrypted. If you do find a page or form that you believe should be encrypted and is in fact not, please let us know by listing the exact URL of the page so we can investigate and fix it. As Graham pointed out, albeit sarcastically, we do have enough valid issues to deal without the extra burden of trying to put to rest this type of inaccurate gossip. PLEASE, before posting something like this, VERIFY it. If you don't have the technical skill to verify it, send us an email via the Contact Us page , or post saying "I think that this is a problem...can someone please verify this?" rather than implying that it is definitely a problem. It just spreads needless fear to other members.
Rick Alther
Former World Community Grid Developer |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Unfortunately the original poster is correct.
If you click on the client to view your scores you are taken to an unsecured login page (http://). The login page should have been secured by enforcing & redirecting to https on the login page. It's only a server setting. |
||
|
|
u12349768
Cruncher Joined: Nov 16, 2004 Post Count: 9 Status: Offline |
Someone might also like to investigate, whether the data one receives by clicking the menu on the left hand side (My Profile..) after the login, is encrypted, too.
----------------------------------------[Edit 1 times, last edit by u12349768 at Nov 26, 2004 7:39:40 PM] |
||
|
|
Alther
Former World Community Grid Tech United States of America Joined: Sep 30, 2004 Post Count: 414 Status: Offline Project Badges:
|
Unfortunately the original poster is correct. If you click on the client to view your scores you are taken to an unsecured login page (http://). The login page should have been secured by enforcing & redirecting to https on the login page. It's only a server setting. The Login page itself is not encrypted, not does it need to be. It's the submission of the userid and password that needs to be encrypted and it most certainly is.
Rick Alther
Former World Community Grid Developer |
||
|
|
|