Why is this site not using HTTPS ? - About the Forum - City-Data Forum

flamadiddle · 02-02-2017, 12:57 PM

Seems nothing is encrypted including login?

Dude111 · 02-02-2017, 01:04 PM

No reason for it on a site like this..... Ya only introduce connection problems with some browsers,etc.....

pretty in black · 03-21-2017, 10:44 AM

I visit another forum and they no longer use https. What is going on and why has noone answered the question? I'm scared to even log in here anymore.

Debsi · 03-21-2017, 10:51 AM

Quote:

Originally Posted by pretty in black

I visit another forum and they no longer use https. What is going on and why has noone answered the question? I'm scared to even log in here anymore.

What information are you worried about securing? Your posts are readable by all by design. You hopefully aren't sending people DM's with your social security and credit card numbers...

flamadiddle · 03-21-2017, 03:03 PM

Quote:

Originally Posted by Debsi

What information are you worried about securing?

username/password should at least be encrypted.

Dude111 · 03-21-2017, 03:43 PM

Quote:

Originally Posted by pretty in black

I visit another forum and they no longer use https. What is going on and why has noone answered the question? I'm scared to even log in here anymore.

Dont worry,things are ok.....Dont let the BS scare you!!

1973PINTO · 03-21-2017, 04:19 PM

i am getting some kind of new pop up when i come here that i had not seen before ...i`ll pay more attention to it in the future .. it goes away pretty quickly ..

Marka · 03-22-2017, 12:47 AM

Because, as has been been said before, we don't store any sensitive information. You don't give us your real name or address, much less your SS or CC numbers. You aren't even required to give us a real email, except for moderators and even that can be created for this purpose only. As to your password, by cracking it nobody would gain any other access than they do by registering themselves. There is no option to hide your posts one way or another so it's your own choice what you want to reveal here.

What needs to be secured is access to our servers and that is taken care of without https.

Fubarbundy · 03-26-2017, 10:58 AM

People do need to be aware (from Firefox) that:

Quote:

Sometimes sites require username and passwords, but don’t actually store data that is very sensitive. For example, a news site may save which news articles a user wants to go back and read, but not save any other data about a user. Most users don’t consider this highly sensitive information. Web developers of the news site may be less motivated to secure their site and their user credentials. Unfortunately, password reuse is a big problem. Users use the same password across multiple sites (news sites, social networks, email providers, banks). Hence, even if access to the username and password to your site doesn’t seem like a huge risk to you, it is a great risk to users who have used the same username and password to login to their bank accounts. Attackers are getting smarter; they steal username/password pairs from one site, and then try reusing them on more lucrative sites.

So, if you don't use the same username and password here that you use for banking, etc, then no worries.

TRex2 · 04-19-2017, 04:39 AM

Quote:

Originally Posted by Marka

... As to your password, by cracking it nobody would gain any other access than they do by registering themselves. ...

Not quite true. Should someone crack your password, they could post under your pseudonym.
Might be a minor thing, but it is a thing.