in reply to PerlMonks Certificate Expired

Btw I wouldn't mind if PerlMonks went back to use HTTP only.

You might not mind. I, OTOH, would mind that my credentials would go in the clear every time I logged in.

🦛

Replies are listed 'Best First'.
Re^2: PerlMonks Certificate Expired
by SankoR (Prior) on Sep 18, 2023 at 12:29 UTC
    At last check, passwords are still being stored in plain text here which is how they're able to send it to you if you forget it. Anyone worth worrying about would target the PM backend and leak all the passwords again not target individuals with mitm attacks.

    If this posts twice, it's because Chrome is making me submit everything a second time after verifying I still know the certificate is expired.

[reply]
      That's why I - and IMHO everyone else should - use an automatically generated password here.

      Whenever I forget it or need it for another browser I just check my emails searching for lanx and vroom.

      Your email account becomes your last line of defense ...

      update

      But most sites which allow resetting your password ultimately rely on the security of your email account.

      Cheers Rolf
      (addicted to the 𐍀𐌴𐍂𐌻 Programming Language :)
      Wikisyntax for the Monastery

[reply]
A reply falls below the community's threshold of quality. You may see it by logging in.

In Section Perl Monks Discussion