not secure...
-
James-Buzz
- Trainee Fireman
- Posts: 149
- Joined: Sat Feb 19, 2011 7:41 pm
- Location: Dunstable - UK
not secure...
Don't know if anyone else has had this but my new internet security package has started telling me that this site is not secure and that the login page does not secure the data entered to enable a login, anyone could intercept the details. ?
James of Dunstable.
There are two protocols that web pages can use to transfer information from a web server to your browser, these are http and https. The first is an unencrypted protocol and the second is encryped (the s stands for "secure"). This site uses the normal http protocol.
What this means is that when you enter your password in the login page it is transmitted to the web server as plain text which would be readable to anybody with the capability of intercepting that transmission. In real terms, to intercept your password somebody would have to be:
Sniffing traffic on your local area network.
In a trusted position at your ISP or an intermediate carrier.
Sniffing traffic on the web host's local network.
The second two cases are a matter of trust and are criminal activities which the web host or carrier will almost certainly have measures to prevent.
In the first case, provided you don't allow people you do not know to use your local area or wifi network, and your wifi encrypted you should be quite safe. If you are using a public internet connection or open wifi network then you might want to be more cautious and avoid logging into this site.
It is very common for web based forums to use http instead of https for their communication. This is because https requires the purchase of a security certificate from a certification authority. When using sites such as this one (any site that does not have the "padlock" symbol in the address bar) you should be aware that there is a potential security risk.
For unsecured sites never use the same password that you would use for sites that demand higher security, such as your online banking password or your email login password.
What this means is that when you enter your password in the login page it is transmitted to the web server as plain text which would be readable to anybody with the capability of intercepting that transmission. In real terms, to intercept your password somebody would have to be:
Sniffing traffic on your local area network.
In a trusted position at your ISP or an intermediate carrier.
Sniffing traffic on the web host's local network.
The second two cases are a matter of trust and are criminal activities which the web host or carrier will almost certainly have measures to prevent.
In the first case, provided you don't allow people you do not know to use your local area or wifi network, and your wifi encrypted you should be quite safe. If you are using a public internet connection or open wifi network then you might want to be more cautious and avoid logging into this site.
It is very common for web based forums to use http instead of https for their communication. This is because https requires the purchase of a security certificate from a certification authority. When using sites such as this one (any site that does not have the "padlock" symbol in the address bar) you should be aware that there is a potential security risk.
For unsecured sites never use the same password that you would use for sites that demand higher security, such as your online banking password or your email login password.
Who is online
Users browsing this forum: No registered users and 2 guests