Meta > Feedback
The forum isn't protected by HTTPS
magnetic:
The forum isn't protected by HTTPS. This means if we login to the forum on a shared WiFi connection, someone can steal our session and impersonate us. Given that pseudo-offical rulemaking is done on this forum, I think it's a serious issue.
With free (even wildcard) certificates from letsencrypt.org, there's not much of a burden to securing a domain like this these days.
If you need any assistance, give me a PM.
gkrieg13:
But how do we know that you are magnetic right now?
magnetic:
Even if I posted this anonymously the report is still true. ;)
Chris is me:
I mean... is anything we do here really that important? We’re playing a card game. Who cares about the extremely unlikely event that someone steals somebody’s log in in order to... impersonate them here? Which would be really quickly obvious and dealt with?
Plenty of other reasons to use https (mainly for people not smart enough to use multiple passwords for things) but I mean I wouldn’t say it’s particularly urgent.
faust:
--- Quote from: Chris is me on June 04, 2018, 11:25:02 pm ---I mean... is anything we do here really that important?
--- End quote ---
Is anything we do really that important?
Navigation
[0] Message Index
[#] Next page
Go to full version