Thank you for bringing this up, Bingley.
The forum website is not secured with encryption, so a bad actor who had access to your network, the network the site is hosted on, or (less likely) any network between the two could capture the packets containing your username and password in plaintext, and steal your account.
I'll see what Blast and Doug would like to do about it.
In the meantime, here are two simple security tips that you should follow wherever you go.
1) Do not reuse passwords
One of the most common ways accounts are compromised is when one website has a security breach of some kind, and the users use the same password on other sites. The bad guys will take the credentials they stole and try them everywhere else.
Don't ever do this. Most particularly don't ever reuse a password on a website that has critical information on it, such as anything to do with your financial life. To be clear, that means that once you use a password anywhere, you don't ever use the same password again, anywhere.
2) Don't use insecure wireless networks
Don't use wireless networks that are unencrypted or have weak security to login anywhere. It's trivially easy to capture packets on these networks, and your login credentials can be easily stolen.
Neither of these security tips are perfect or foolproof, but they're easy ways to make it harder for the bad guys to do bad things to you.
chaosmagnet
Previous Topic
Index
