The Ubuntu community has contributed 15664 ideas, 77393 comments, 1416168 votes
| |
125
|
|
|
Use SSL for User Logins on Brainstorm and UbuntuForums Sites
|
|
Written by gmendoza the 7 Jul 08 at 02:35. Category: Security.
Related to: ubuntuforums.org.
New
|
|
I would appreciate it if both the brainstorm and ubuntuforums.org would be protected via SSL for login and cookie exchanges.
Virtually all other sites related to the wiki, documentation, launchpad, etc, use SSL, and I wish the same could be said about these as well.
In a recent forum discussion, some felt that there's no point to protecting those sites. But most will agree that many people use the same password for everything, and even though a compromise of a forum password may not seem like much, it could be an issue elsewhere.
Case in point, all wiki modifications show the IP address of those that make the changes. If this person uses the same password for the wiki as their forum account, not only is it a risk to the wiki, but if their personal machine is remotely accessible via SSH, etc, then that user is also at risk if the password is also the same on their computer.
Yes... people need to follow best practices... but if you have the ability to help people and it comes at virtually no cost to you, then why not?
Hope others feel the same way. Thanks for listening.
|
|
|
