Forum Login

General PrestoSoft-related discussion
Post Reply
David B. Trout
Junior Member
Posts: 18
Joined: Wed Jan 06, 2010 4:21 am

Forum Login

Post by David B. Trout »

I for one would greatly appreciate it if you (Presto) would provide a SECURE (https) login page.

I realize this is just a product support forum so its usefulness to hackers is likely very low (perhaps nonexistent), BUT...

It's the point of the matter! It is extremely poor security practice to be passing login information (which includes one's password) "in the clear" so anyone sniffing the traffic can grab your password and possibly use it to their advantage somehow (such as via social engineering or, worse, directly to access some of your other accounts should you be foolish enough to use the same password for other web sites (which, sadly, a lot of people still foolishly do)).

I also further realize correcting this oversight would likely be an expense to you, since you'd have to purchase a quality SSL certificate and reconfigure your HTTP server (apache?) to start using https instead of http, but again, I personally feel it is something you (and indeed everyone/anyone who runs a support forum!) should do in today's security-conscious privacy-concerned world.

Any chance of this getting fixed? I don't like login pages that aren't secure/encrypted!


Keep up the good work! EDP totally rocks!
"Fish" (David B. Trout)
"Programming today is a race between
software engineers striving to build bigger
and better idiot-proof programs, and the
Universe trying to produce bigger and better
idiots. So far, the Universe is winning"
- Rich Cook
User avatar
Site Admin
Posts: 2137
Joined: Sat May 15, 2004 4:23 pm
Location: California

Re: Forum Login

Post by psguru »

Thank you for your suggestion. We currently have no plans to use SSL for this forum. There's no data that has to be secured here, so making the forum secure seems an unnecessary burden.
Expert Member
Posts: 128
Joined: Wed Aug 11, 2004 6:25 am
Location: Israel

Re: Forum Login

Post by AlexL »

And in addition, this forum is pre-moderated. So even in case of security breach into a regular user account, the potentially malicious post won't be published (and such dilution is actually happening).
Post Reply