The Magic Café
Username:
Password:
[ Lost Password ]
  [ Forgot Username ]
The Magic Cafe Forum Index » » The Magic Café Tech Help Area » » Log-in Unsecure? (0 Likes) Printer Friendly Version

Jim_Macdonald
View Profile
New user
7 Posts

Profile of Jim_Macdonald
I just got Firefox 52.0 (32-bit), and it has just started popping up a Dire Warning when I try to log in here that the page is not secure.

I have no idea what's up with that, and (as you can see) it allowed me to log in, but dire warnings are dire.
Salguod Nairb
View Profile
Room 101
-3 Posts

Profile of Salguod Nairb
I logged out to see what I would see.

The message I receive is that this site is not secure, meaning that the login is not a Https but only a Http. IE: secure/unsecure.

So it is possible that your password could be being sent in clear plaintext.

So what does that mean? If you are logging in from a public hotspot someone could have a sniffer active and collect your login information.

If you are logging in at home, or a place you have security over your router then you should be fine.

I use a free Firefox extension called HTTPS Everywhere. It will route across Https if that port is available even if not listed.

I also have Bitdefender TrafficLight which lets me know if any other sites/apps are piggybacking and collecting information on me. IE: Facebook/Google/Ad sites.

Both HTTPS Everywhere and Bitdefender report this site as safe.

I believe the 'error' you are receiving is a notification feature that they recently added. Best to be aware of your surroundings before absently logging in. I'm sure someone with a sniffer at a convention could collect a lot of passwords.


Gene, I assume you have port 443 available as I'm not receiving an alert from HTTPS Everywhere.
We shall meet in the place where there is no darkness...
Ian Wright
View Profile
New user
5 Posts

Profile of Ian Wright
Jim,

Your browser is trying to alert you to the fact that anything you send to the site can be easily intercepted by someone on the internet/same network as you. It should be using HTTPS (s = secure) on the login page but it's not, and at some point this is going to cause problems. In the mean time may I suggest the following:

1) Don't re-use your magic Café password anywhere else. This is bad practise anyway, but I can't stress this enough with passwords being intercept-able. If you struggle remembering them use a free password manager (e.g. LastPass).

2) Before you hit submit/send ask yourself if you mind someone else being able to read it. Somebody could easily read what you're saying (even in private messages), so if you're unhappy if someone else got that information don't click that button!



Just to note, add-ons and extensions to browsers like "https everywhere" won't protect you in this case.
Dave Scribner
View Profile
Assistant Manager
Lake Hopatcong, NJ
4908 Posts

Profile of Dave Scribner
Might want to read this topic from not long ago regarding HTTPS and HTTP as described by out tech guy.

http://www.themagiccafe.com/forums/viewt......forum=50
Where the magic begins
Ian Wright
View Profile
New user
5 Posts

Profile of Ian Wright
Thanks Dave, however redirecting from https to http is just simply wrong!
The Magic Cafe Forum Index » » The Magic Café Tech Help Area » » Log-in Unsecure? (0 Likes)
[ Top of Page ]
All content & postings Copyright © 2001-2018 Steve Brooks. All Rights Reserved.
This page was created in 0.1 seconds requiring 5 database queries.
The views and comments expressed on The Magic Café
are not necessarily those of The Magic Café, Steve Brooks, or Steve Brooks Magic.
> Privacy Statement <

ROTFL Billions and billions served! ROTFL