https support?

CellarTracker Main Site

https support?

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> [Cellar Talk] >> CellarTracker Support >> https support?

Page: [1]

Message

<< Older Topic Newer Topic >>

https support? - 4/4/2010 7:54:21 PM

anubis

Posts: 72
Joined: 1/4/2010
From: Sydney, Australia
Status: offline

Having just returned home from a trip to Thailand and using various PUBLIC internet (fixed and wireless) terminals, I refrained from logging onto CT (or GS) from these public spots as there is no HTTPS support at the CT/GS login page [that I could find].

I know my collection is probably not on any-body's hit list if they do find out my ID and password, but I still couldn't bring my self to logon from these spots.

Is there any consideration of at least making the login to CT/GS and the discussions HTTPS capable in the future. Preferably, the whole site should be HTTPS enabled just to keep everything secret from prying eyes...

Thanks

Post #: 1

RE: https support? - 4/4/2010 7:58:13 PM

Eric

Posts: 17314
Joined: 10/10/2003
From: Seattle, WA
Status: offline

In the future I will be doing an authentication overhaul including HTTPS login and then some session/password hashing. For now the site is low-tech and low-security. No point going halfway on this stuff.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to anubis)

Post #: 2

RE: https support? - 10/28/2011 12:39:18 PM

Eric

Posts: 17314
Joined: 10/10/2003
From: Seattle, WA
Status: offline

FYI, following up on this, as of last night CellarTracker has moved to industry best practice for password and cookie handling:
https://www.cellartracker.com/forum/tm.asp?m=166607

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 3