Home » forums » Site Discussion

HTTPS and logins to LtU.

With the new hosting solution I'm observing that we don't have HTTPS connections on the page where people are logging in. This exposes LtU logins to HTTP eavesdroppers.

Given that lots of people use the same password across multiple sites (even though everybody already knows they oughtn't) this probably also exposes a number of users' ALT, Amazon, Ashley Madison, Banking, BeNaughty, Bing, BoingBoing, Buddybang, Craigslist, DeviantArt, Diaspora, Digg, Discord, Douyen, Ebay, EstablishedMen, Facebook, Fark, Fetlife, Flicker, Foursquare, Friendica, Gab, Glee, GnuSocial, Google, Grindr, Imgur, Instagram, Limewire, LinkedIn, LINE, LiveJournal, Mastodon, Meetup, MySpace, OKCupid, Patreon, Parler, Pinterest, PlosOne, Reddit, QQ, Qzone, Quora, ResearchGate, SecondLife, Seeking, Slack, SocialCast, Snapchat, SomethingAwful, SoundCloud, Stack Overflow, Sharesome, Steam, Telegram, Tiktok, Tinder, Truth social, Tumblr, TV Tropes, Twitch, Twitter, Vimeo, WeChat, Weibo, Viber, WattPad, WhatsApp, Wikipedia, WordPress, Yahoo, Yammer, Yelp, and Youtube passwords.

Though probably not all of them for any one person.

Just sayin, this ought to be corrected.

By Ray Dillinger at 2022-09-18 17:18 | Site Discussion | next forum topic | other blogs | 6414 reads

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

HTTPS

There was no HTTPS on the previous host either, so nothing has changed in that respect.

HTTPS will be added soon though.

Given that lots of people use the same password across multiple sites (even though everybody already knows they oughtn't)

I would hope that behavior is not prevalent in the LtU audience. But now that you mention banking, I realize we've been leaving an opportunity on the table all this time...

By Anton van Straaten at Tue, 2022-09-20 06:02 | login or register to post comments

Long Time No See

I know it's been a couple of years, but since I'm trying to embed an old post in a web-based slide system delivered via https: currently, trying to access LtU with https results in an error. Is anyone administering LtU aware of this, and is there an ETA for resolution?

Thanks!

By Paul Snively at Sun, 2025-05-04 13:32 | login or register to post comments

Long Time No See

I know it's been a couple of years, but since I'm trying to embed an old post in a web-based slide system delivered via https: currently, trying to access LtU with https results in an error. Is anyone administering LtU aware of this, and is there an ETA for resolution?

Thanks!

By Paul Snively at Sun, 2025-05-04 13:32 | login or register to post comments

Long Time No See

I know it's been a couple of years, but since I'm trying to embed an old post in a web-based slide system delivered via https: currently, trying to access LtU with https results in an error. Is anyone administering LtU aware of this, and is there an ETA for resolution?

Thanks!

By Paul Snively at Sun, 2025-05-04 13:32 | login or register to post comments

Really old issue, no progress?

This has been going on for *years*, and it's just not OK.

By shap at Mon, 2025-09-29 23:41 | login or register to post comments