https

umby24 · 05-10-2017, 03:27 PM

For the security of the users of this forum and their information I would highly reccomend and suggest that you guys implement HTTPS across the board for these forums and the front page website as well.

If you need additional information about this or help in implementing it, I would be happy to assist.

Infern0 · 05-24-2017, 08:15 PM

Security of what information? I'd hope no one is submitting any PII or PCI on a forum like this.

Also, HTTPS would only protect the information in transit, assuming they aren't already compromised from the start. Wouldn't do more than that.

Is that what you were referring to?

umby24 · 05-26-2017, 10:37 PM

user passwords and birthdays, my main concern being passwords.

The transit encryption would prevent eavesdropping on that information because as it stands, anyone enters their password to sign up or to login to this site, everyone between their own computer, and the camaro6 servers can grab that information, easily.

It ensures the 'C' of the CIA triad, ensuring the only party that receives that information is the one intended to get that information, which would be the camaro6 forums.

You are correct to point out if either the forums or the user's computer are compromised it doesn't matter anyway, but assuming the security of both, it protects the users password information.

In a perfect world people wouldn't reuse or use easy to guess passwords, but unfortunately that's not this world.

Infern0 · 05-26-2017, 11:25 PM

All good points. Good hygiene from the start is never a bad thing.

05-10-2017, 03:27 PM	#1
umby24 Drives: None Join Date: May 2017 Location: Texas Posts: 63	https For the security of the users of this forum and their information I would highly reccomend and suggest that you guys implement HTTPS across the board for these forums and the front page website as well. If you need additional information about this or help in implementing it, I would be happy to assist.

05-24-2017, 08:15 PM	#2
Infern0 Bring It Drives: In Between Join Date: Sep 2009 Location: San Antonio, TX Posts: 2,929 View My Garage	Security of what information? I'd hope no one is submitting any PII or PCI on a forum like this. Also, HTTPS would only protect the information in transit, assuming they aren't already compromised from the start. Wouldn't do more than that. Is that what you were referring to? __________________ 2017 Camaro ZL1 M6 - Everything but the sunroof - Sold 2010 Camaro SS - 650RWHP Daily Driver - Traded

05-26-2017, 11:25 PM	#4
Infern0 Bring It Drives: In Between Join Date: Sep 2009 Location: San Antonio, TX Posts: 2,929 View My Garage	All good points. Good hygiene from the start is never a bad thing. __________________ 2017 Camaro ZL1 M6 - Everything but the sunroof - Sold 2010 Camaro SS - 650RWHP Daily Driver - Traded

05-26-2017, 10:37 PM	#3
umby24 Drives: None Join Date: May 2017 Location: Texas Posts: 63	user passwords and birthdays, my main concern being passwords. The transit encryption would prevent eavesdropping on that information because as it stands, anyone enters their password to sign up or to login to this site, everyone between their own computer, and the camaro6 servers can grab that information, easily. It ensures the 'C' of the CIA triad, ensuring the only party that receives that information is the one intended to get that information, which would be the camaro6 forums. You are correct to point out if either the forums or the user's computer are compromised it doesn't matter anyway, but assuming the security of both, it protects the users password information. In a perfect world people wouldn't reuse or use easy to guess passwords, but unfortunately that's not this world.

User Name		Remember Me?
Password