On Saturday, 12 April 2014 at 21:27:10 UTC, Nick Sabalausky wrote:
On 4/12/2014 11:21 AM, Dicebot wrote:
You do realize that, for example, forum.dlang.org does not use
https and
thus passwords are sent in plain text over the internet upon
every login
attempt anyway?
I didn't know that (I normally use the NNTP interface and have
only ever used forum.dlang.org sans-login). But, yea, that
should be fixed.
How would expect it to work? No secure connection of some sort
pretty much equals to plain text passwords, one way or another. I
am pretty sure forum.dlang.org account is not expected to be any
secure, we don't even reserve those nicknames from being used by
non-registered posters. It is just small convenience thing to
help track posts read.
