LoginSuggestion/question: secure login
VIP
robelanator
17 years, 2 months ago at Mar 24 14:21 - I noticed that the Listal login page doesn't use SSL. I hope we're not passing our usernames/passwords to the server in plain text! I use Tor pretty regularly and there are all kinds of folks sniffing exit nodes out there.
Phil
17 years, 2 months ago at Mar 24 23:04 - It's plain text. To be fair, there's not really sensitive data on your profiles. If you're actually concerned about it, then make sure your password is different to any others you use (it should be anyway as a matter of good practice).
Deleted user
Deleted
17 years, 2 months ago at Mar 24 23:11 - I recommend changing it every 70 days
Deleted user
Deleted
17 years, 2 months ago at Mar 25 9:10 - We're going to have to beef up security relatively soon. At any given moment someone could start a profile, post the same picture 500 times, and proceed to completely destroy the database.
Phil
17 years, 2 months ago at Mar 25 21:55 - You mean flood the database? In that case you want captchas added for new registrations.
Deleted user
Deleted
17 years, 2 months ago at Mar 25 22:33 - Captchas aren't a bad idea, but I mean if someone wanted to they could go on a massacre of destruction deleting item information and all that blues. Some members use their powers for good, renaming thousands of items to DUPLICATE and like activity, but evil occasionally surpasses 5000 points.
Phil
17 years, 2 months ago at Mar 26 1:09 - Ah, see what you mean.
Guess the best protection against that would be some kind of system where members edits are flagged up to trusted moderators until they've proved themselves to be a "good" editor or something similar. If they're making nonsense changes, then a quick link for mods could allow for reverts. Could also add flood protection if you want - not more than x edits per minute or something.
Guess the best protection against that would be some kind of system where members edits are flagged up to trusted moderators until they've proved themselves to be a "good" editor or something similar. If they're making nonsense changes, then a quick link for mods could allow for reverts. Could also add flood protection if you want - not more than x edits per minute or something.
