Discussions

PROJECTS
- prototypes
- future vision
BLOG
ABOUT
- our story
- faq
- partners

Posted By

Post

Started: 10/1/2009 9:52 AM

View Properties

curlyeng2

Insecure transmission of credentials?

I get the following warning having selected login with Live: "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?" This pops up twice. Not only is it a significant encumberance on the user, but I would expect it is not good practice to send unencrypted usernames and passwords? I cannot recommend moving to production unless these types of issues are addressed.

Posted: 10/2/2009 7:49 AM

View Properties

gshaw

I believe our Moodle hosting company spotted this as well and queried the lack of secure http during the process, I get the same messages when signing in from FireFox

Posted: 10/14/2009 5:08 AM

View Properties

curlyeng2

Thanks for response. I have found a route to fix with increasing security of Moodle hosting.