It seems we currently don't use or offer a SSL/https Login. For Security Reasons we should do this to protect users.
There might be some complications with this in setting a session cookie under HTTPS and using it under HTTP. Not sure, though. Might be okay.
Severity: normal → enhancement
Priority: -- → P5
Whiteboard: 02 hrs
I think this has been addressed and can be closed off, no?
Yeah, I think it's fixed, at least with respect to having turned the entire site over to HTTPS. If we ever want to shift away from HTTPS for most of the site, this will be an issue again. I'll mark this closed until / unless that happens.
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
Product: Websites → Websites Graveyard
You need to log in before you can comment on or make changes to this bug.