Barons of the Galaxy Forum - Feature Requests - HTTPS Support

Barons of the Galaxy Forum - Feature Requests - HTTPS Support - Messages http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Barons of the Galaxy Forum - Feature Requests - HTTPS Support - Messages en-us http://blogs.law.harvard.edu/tech/rss Jitbit AspNetForum Tue, 11 Aug 2020 13:18:54 GMT Tue, 11 Aug 2020 13:18:54 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Doctor Dread Tue, 11 Aug 2020 13:18:54 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from unaltered
New player - was honestly surprised to see a password field without HTTPS/SSL enabled. I would very much support this.]]> Sun, 09 Aug 2020 12:12:13 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Doctor Dread Razorix22 wrote:

Please excuse-me to dig up this topic, but any plan of implementing it ?

There not only is a plan to implement it, the server itself already is running SSL on another website I control now. I plan on adding one here also soon I just haven't gotten to it yet.]]> Thu, 26 Dec 2019 15:20:55 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Razorix22 ]]> Sat, 21 Dec 2019 14:10:17 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Doctor Dread Chojin wrote:

I support this idea too

Its one of those things we plan to enable right before a launch. You should try to use your "burner" password for now =)]]> Thu, 29 Dec 2016 09:16:27 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Chojin ]]> Thu, 29 Dec 2016 02:01:38 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from Doctor Dread
As fermuchis saying though, that offers no protection from you typing in your login password and hitting login on the webpage, you are SENDING it to the server in plain text where anyone who is sniffing the network can potentially see it. SSL Encryption protects that as it is sent encrypted from your machine tot he server.

SSL is something we plan to incorporate before launch, don't use your Bank of America login for the beta test please =)]]> Sat, 06 Aug 2016 10:14:13 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from CmrdRowen fermuch wrote:

I don't like the idea of my passwords going across the internet in plain text

Basic practice with passwords is to hash them before sending it to the server so that's not much a problem. But a packet sniffer would definitely get the http request and get your password in md5 format, not in plain text wink

and that's if the guy is successful in catch it... And as you cannot directly reverse hashed password to original text, it will be more difficult to get it (not totally impossible, though, but it will certainly take time depending on how complex is your password).]]> Sat, 06 Aug 2016 07:40:08 GMT http://forum.baronsofthegalaxy.com/topic1177-https-support.aspx Message from fermuch I don't like the idea of my passwords going across the internet in plain text, so I'm suggesting to add SSL support.

With LetsEncrypt you can get a free SSL certificate, or even easier you could switch to CloudFlare DNS' and you'll also get some basic DDoS protection (also free).]]> Sat, 06 Aug 2016 06:22:29 GMT