On Jan 24, 2008 9:57 AM, Dawson, Michael <[EMAIL PROTECTED]> wrote: > For example, I may log in to my bank's web site using "michael" and > "password". The bank's web site is secure so I no worry. > > Then, I sign up for your church's web site and use the same username and > password combination. Now, if someone sniffs that unsecured connection, > they now have my bank username and password. > > While I agree that account identifying information should be encrypted in the database, I don't agree that the church is responsible for the end user's stupidity of using the same username/password for every website out there.
SSL for a church forum/cms login is overkill unless said church is accepting donations on the website. If they are, then they should be just as secured as any other merchant online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297329 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
