|
| Thread: Secure connection | |
|
Sokoro
Tavern Dweller
|
posted April 18, 2017 04:00 PM |
|
|
Secure connection
why is the website not using secure connection when loggin user in?
|
|
Zenofex
Responsible
Legendary Hero
Kreegan-atheist
|
|
posted April 18, 2017 07:49 PM |
|
|
|
Because it's using HTTP, not HTTPS. Why would you need to encrypt something which you would ultimately post in a public game forum anyway?
|
|
Sokoro
Tavern Dweller
|
|
posted April 18, 2017 07:57 PM |
|
|
because i dont want others to see my password? or is that not affected?
I dunno, it was just some message from firefox, it whined about the input not being secured.
|
|
Zenofex
Responsible
Legendary Hero
Kreegan-atheist
|
|
posted April 18, 2017 08:02 PM |
|
|
|
Firefox just states that the forum does not use SSL (the S from HTTPS), that's all. People on the forum won't see your password. You have reasons to worry only if you connect via some insecure wireless hotspot, otherwise few people will bother stealing your credentials to a place this.
|
|
fred79
Disgraceful
Undefeatable Hero
|
|
posted April 18, 2017 08:19 PM |
|
|
except maybe skeleton_king or herry. 
|
|
frostysh
Bad-mannered
Famous Hero
WHY?
|
|
posted April 28, 2017 08:40 AM |
|
|
I am not understanding much in this stuff, but <imho> HTTPS is more cool than HTTP, so https://heroescommunity.com +1 .
____________
|
|
dredknight
Honorable
Supreme Hero
disrupting the moding industry
|
|
posted May 01, 2017 10:05 PM |
|
|
Hello there!
Https is a good thing to introduce to any site where people log in.
To move to HTTPS one have to sign a certificate for the SSL connection from a signing certificate authority(CA). And the certificate should be renewed on a yearly basis.
One such authority for example is Commodo. What we need is a single domain certificate which at commodo costs 10$ per year.
p.s. the higher the price the better the security
____________
Join our official discord channel | NCF Utility Beta
|
|
Zenofex
Responsible
Legendary Hero
Kreegan-atheist
|
|
posted May 01, 2017 10:19 PM |
|
|
|
SSL is fairly vulnerable nowadays and frankly I see no point in implementing certificate-based security to a web-site where people spend most of their time in idle chatter. Moreover if the CA is not well-known and thus not in the list of the "trusted" CAs of the respective user's browser, it will constantly throw "untrusted certificate" errors which will probably generate even more concerned posts.
|
|
artu
Promising
Undefeatable Hero
My BS sensor is tingling again
|
|
posted May 01, 2017 11:54 PM |
|
|
zenofex said:
____________
Are you pretty? This is my occasion. - Ghost
|
|
Zenofex
Responsible
Legendary Hero
Kreegan-atheist
|
|
posted May 02, 2017 09:40 AM |
|
|
You should stop using Google Translate, there are at least 10 grammar mistakes in that translation. 
|
|
|
|
