Topic: password sent over https.. BP not secure! · BuddyPress.org

Skip to:: Content; Pages; Categories; Search; Top; Bottom

password sent over https.. BP not secure!

@yadigit

Participant

12 years, 11 months ago

I ran a program to see how secure a friends site was.. the end report said that the password in /register was sent over https and that a person sniffing the traffic can get a user’s password..
any idea how to make it more secure?

Viewing 2 replies - 1 through 2 (of 2 total)

@hnla

Participant

12 years, 11 months ago

Should that not have been ‘BP not secure?’ rather than ‘BP not secure!’ question rather than a statement!

BP doesn’t implement https the server does, for https to be secure valid and authentic certs must be in use?

The point of correctly implemented https with certs and encryption layers is to prevent ‘ man in the middle’ interceptions.

@djpaul

Keymaster

12 years, 11 months ago

Closing.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘password sent over https.. BP not secure!’ is closed to new replies.