https forms

[terms]

It seems that some content on this website is available over HTTPS but do not use HTTPS by default. A lot of forms are guilty of this. By default, several forms submit information over HTTP with no encryption. I found the registration and login page are guilty of this. The forms explicitly submit to URLs not using encryption even when you access that form over HTTPS. Furthermore, if you modify the form's action attribute to send to an HTTPS URL it works perfectly fine. So HTTPS is supported but explicitly not used for registration and logins. Passwords are being submitted unencrypted, no?

[gregathit]

This would be a question for the site Admin, which is Ashal.  Please PM him.

 

Thread Closed.

[Ashal]

Login submits to https, or at least it did last I checked, it must've gotten disabled by accident at some point. It should definitely be doing so now though.