Forum Login passwords not protected

Bitcoin Forum

May 11, 2024, 02:18:43 AM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Bitcoin Forum > Other > Meta > Forum Login passwords not protected

Pages: [1]

« previous topic next topic »

Author

Topic: Forum Login passwords not protected (Read 1062 times)

BitMofo (OP)

Member

Offline

Activity: 112
Merit: 10

Forum Login passwords not protected

July 30, 2011, 06:33:03 PM

Hi,

On first attempt, passwords are secure, but if you get it wrong and login from loginattempt2, it is just straight http and easy to sniff!

1HNffyHktcD2iB6WJhPxKbALJdg4dwerTG

1715393923

Hero Member

Offline

Posts: 1715393923

Ignore

1715393923

1715393923


	Report to moderator

1715393923

Hero Member

Offline

Posts: 1715393923

Ignore

1715393923


	Report to moderator

If you see garbage posts (off-topic, trolling, spam, no point, etc.), use the "report to moderator" links. All reports are investigated, though you will rarely be contacted about your reports.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715393923

Hero Member

Offline

Posts: 1715393923

Ignore

1715393923


	Report to moderator

1715393923

Hero Member

Offline

Posts: 1715393923

Ignore

1715393923


	Report to moderator

1715393923

Hero Member

Offline

Posts: 1715393923

Ignore

1715393923


	Report to moderator

TKHatch

Newbie

Offline

Activity: 19
Merit: 0

Re: Forum Login passwords not protected

July 31, 2011, 09:31:54 AM

Smells fishy to me.

wumpus

Hero Member

Offline

Activity: 812
Merit: 1022

No Maps for These Territories

Re: Forum Login passwords not protected

July 31, 2011, 10:54:52 AM

Yup the forum sometimes bounces you to http without warning. Not only on login. This can be pretty dangerous if you're on a public network.

I don't think it's fishy, just some kind of misconfiguration.

Maybe this helps:
https://forum.bitcoin.org/?topic=2795.0

Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.

BitMofo (OP)

Member

Offline

Activity: 112
Merit: 10

Re: Forum Login passwords not protected

July 31, 2011, 12:58:14 PM

Quote from: John Smith on July 31, 2011, 10:54:52 AM

Thanks for this =] I think I'll be switching back to firefox! Isn't anything like this for chrome is there?

1HNffyHktcD2iB6WJhPxKbALJdg4dwerTG

Exonumia

Full Member

Offline

Activity: 189
Merit: 101

Re: Forum Login passwords not protected

July 31, 2011, 03:13:37 PM

Quote from: BitMofo on July 31, 2011, 12:58:14 PM

Thanks for this =] I think I'll be switching back to firefox! Isn't anything like this for chrome is there?

I use KB SSL enforcer.

https://chrome.google.com/webstore/detail/flcpelgcagfhfoegekianiofphddckof

theymos

Administrator
Legendary

Offline

Activity: 5194
Merit: 12983

Re: Forum Login passwords not protected

July 31, 2011, 11:23:08 PM

Cookies aren't marked as secure, either, so just visiting forum.bitcoin.org once with HTTP is enough to allow someone to hijack your account. I use NoScript to force HTTPS here.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD

Pages: [1]

Bitcoin Forum > Other > Meta > Forum Login passwords not protected

« previous topic next topic »

Jump to: