kknight Posted May 19, 2020 Share Posted May 19, 2020 when I logged in to the sight it says NOT SECURED Has it always been like that ? Quote Link to comment Share on other sites More sharing options...
SuncrestReef Posted May 19, 2020 Share Posted May 19, 2020 Yes, it's said that at least since I first joined in 2018. The reason is that this site uses HTTP rather than HTTPS. HTTP is not encrypted and does not use any SSL certificate like most commercial sites. Quote Link to comment Share on other sites More sharing options...
Micah Posted May 19, 2020 Share Posted May 19, 2020 It's actually an option with the hosting they have. They have to pay for the certificate, yearly renewal, but I think that's it. It's a non-significant cost, but it cost nonetheless. With more sites using SSL or TLS, it's pretty common. Might be something to look into.As it stands, your username and password are being sent in the clear. Somebody at the ISP or on your wireless network could sniff out your password. It's a good idea to never use the same password on any site anyways. I use something like LastPass to organize my passwords. All I have to know is this single password to get into that and any multi-factor authentication to use it. It makes it pretty simple, even my mom uses it. 3 1 Quote Link to comment Share on other sites More sharing options...
albertareef Posted May 19, 2020 Share Posted May 19, 2020 12 minutes ago, Micah said: It's actually an option with the hosting they have. They have to pay for the certificate, yearly renewal, but I think that's it. It's a non-significant cost, but it cost nonetheless. With more sites using SSL or TLS, it's pretty common. Might be something to look into. As it stands, your username and password are being sent in the clear. Somebody at the ISP or on your wireless network could sniff out your password. It's a good idea to never use the same password on any site anyways. I use something like LastPass to organize my passwords. All I have to know is this single password to get into that and any multi-factor authentication to use it. It makes it pretty simple, even my mom uses it. Something to consider for sure. Jeremy @TheClark do you know what this would cost on an annual basis? 1 Quote Link to comment Share on other sites More sharing options...
goldenbasketreef Posted May 20, 2020 Share Posted May 20, 2020 15 hours ago, albertareef said: Something to consider for sure. Jeremy @TheClark do you know what this would cost on an annual basis? I pay 60.00 a year for SSL Certificate for my site Quote Link to comment Share on other sites More sharing options...
Micah Posted May 20, 2020 Share Posted May 20, 2020 17 hours ago, albertareef said: Something to consider for sure. Jeremy @TheClark do you know what this would cost on an annual basis? It may depend on your hosting. They may require you to use their own CA. If that's the case, you should probably reach out to them. If you can use any ole cert, then there are budget cert companies out there that will at least remove the "NOT SECURE" message - though it won't be as good as say Rudy's 60 dollar cert (assuming it's a verisign/other large brand). 1 Quote Link to comment Share on other sites More sharing options...
Chief Posted May 22, 2020 Share Posted May 22, 2020 Looks like it is about $150/yr with godaddy 1 Quote Link to comment Share on other sites More sharing options...
albertareef Posted May 22, 2020 Share Posted May 22, 2020 3 hours ago, Chief said: Looks like it is about $150/yr with godaddy Thanks Jay - what are your thoughts on going that route? Quote Link to comment Share on other sites More sharing options...
SuncrestReef Posted May 22, 2020 Share Posted May 22, 2020 3 hours ago, Chief said: Looks like it is about $150/yr with godaddy @Chief Please PM me about this. I'm an IT security professional and I have some questions/comments about our hosting & SSL options. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.