• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Bug/Site Problem: Passwords sent in plaintext

SnowFox

SnowFox

Member
When you change anything in your account settings you have to enter your password, but if you get there by following the links in the control panel you you'll end up at http://www.furaffinity.net/controls/settings/ which will then submit your password insecurely as plaintext (unless I'm being stupid and broke something on my end). Doesn't this sort of defeat the purpose of having an SSL login page?

Perhaps the account settings page should always redirect itself to https like the login page does?
 
DW_

DW_

memes, you say?
Didn't we find out the same exact thing was wrong with the PSN a few months ago? Or was I just dreaming that 77 million users (including myself) had their details breached?
 
Onnes

Onnes

Member
For those wishing to avoid this problem, the HTTPS Everywhere plugin for Firefox can be used to automatically redirect links to the secured pages. This post has a particular script for FurAffinity.
 
You must log in or register to reply here.
Top