|
|
|
|
|
|
by ctb_mg
4693 days ago
|
|
|
Looks like more head-in-the-sand security from people who aren't detail oriented. Yes, your login pages need SSL. Perceived rarity has nothing to do with it! A password is being transmitted in plaintext. If forum passwords weren't a target then why are so many website databases a primary target lately? They steal the crappy, unsalted hashes and emails and go to town at other services where they are likely to use the same password. I can't believe we are having this discussion! |
|
|
That's how I felt, but that is also what made me want to have a quick check with others before voicing that kind of opinion. Seems like when I am the most sure about something, I'm the most vulnerable to making a mistake.