Forum Login

General PrestoSoft-related discussion
Post Reply
David B. Trout
New Member
Posts: 5
Joined: Wed Jan 06, 2010 4:21 am

Forum Login

Post by David B. Trout » Sun Jan 18, 2015 5:30 pm

I for one would greatly appreciate it if you (Presto) would provide a SECURE (https) login page.

I realize this is just a product support forum so its usefulness to hackers is likely very low (perhaps nonexistent), BUT...

It's the point of the matter! It is extremely poor security practice to be passing login information (which includes one's password) "in the clear" so anyone sniffing the traffic can grab your password and possibly use it to their advantage somehow (such as via social engineering or, worse, directly to access some of your other accounts should you be foolish enough to use the same password for other web sites (which, sadly, a lot of people still foolishly do)).

I also further realize correcting this oversight would likely be an expense to you, since you'd have to purchase a quality SSL certificate and reconfigure your HTTP server (apache?) to start using https instead of http, but again, I personally feel it is something you (and indeed everyone/anyone who runs a support forum!) should do in today's security-conscious privacy-concerned world.

Any chance of this getting fixed? I don't like login pages that aren't secure/encrypted!

Thanks!

Keep up the good work! EDP totally rocks!
"Fish" (David B. Trout)
"Programming today is a race between
software engineers striving to build bigger
and better idiot-proof programs, and the
Universe trying to produce bigger and better
idiots. So far, the Universe is winning"
- Rich Cook

User avatar
psguru
Site Admin
Posts: 1730
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Forum Login

Post by psguru » Sun Jan 18, 2015 6:33 pm

Thank you for your suggestion. We currently have no plans to use SSL for this forum. There's no data that has to be secured here, so making the forum secure seems an unnecessary burden.
psguru
PrestoSoft

AlexL
Expert Member
Posts: 120
Joined: Wed Aug 11, 2004 6:25 am
Location: Israel
Contact:

Re: Forum Login

Post by AlexL » Mon Jan 19, 2015 11:29 am

And in addition, this forum is pre-moderated. So even in case of security breach into a regular user account, the potentially malicious post won't be published (and such dilution is actually happening).

Post Reply