Not logged inRunango Running Forum
Forum Reset Last Read Help Search Register Login
Up Topic General / Letters and Opinions / iOS 11.3 is telling me “website not secure”...
- - By The Beard (is wearing Arm Panties) [us] Date 2018-04-10 4:14 PM Edited 2018-04-10 4:28 PM
...for many sites that asks for a password, including runango.

Explanation here...

I’m assuming that nothing has changed with the websites pre and post Safari deeming them
“Not secure”. Is that correct?
Parent - - By Tommeke Date 2018-04-10 6:39 PM
By default browsers will warn you that a website is using http (unencrypted) and not https (encrypted connection). This means that things you send could be intercepted by third parties in the middle.
Unfortunately if you login, this means the username and password you send are not encrypted and can be sniffed by a network scanner.
I jusst tried it on myself (scanning the packets that fly through my wifi when logging into runango) and indeed I could catch my username and password.
Parent - By The Beard (is wearing Arm Panties) [us] Date 2018-04-10 7:50 PM
Parent - - By JimGo1 Date 2018-04-11 6:28 AM
The site is very susceptible to brute forcing passwords and a few other holes.  This may not seem like a big deal but it also has email accounts.  A lot of people use the same password for a lot of things so it could lead to big problems.  My advice would be pick a unique and complex password for runango.
Parent - By Tommeke Date 2018-04-11 7:47 AM
What Jim says.
Since, although a very entertaining forum, it's probably not the utmost critical system.
So, best to use a password on here that's different from anything you would use for e-mail or more critical systems.
Parent - By ironjen Date 2018-04-13 9:24 AM
Would it matter the password if my email login for this site is defunct and doesn't exist anymore?
Parent - - By jaszflamus (I like wool!) Date 2018-04-10 8:37 PM
Password-secure sites bother the heck out of me, and I'm on a jillion of them. I've gotten to the point that I follow most security protocols knowing that even doing so won't protect me. :meh: The answer, of course, lies in the words of Tom Cruise in Risky Business that sometimes you just gotta say what the fuck. If we worry too much about being out there, then we stop being out there. And there's so much out there. :cool:

Apple/Safari are way more secure than microsoft stuff. It's too bad that apple has such a small portion of the market. One way or the other, I'm with Tom Cruise.
Parent - By sideshowbob Date 2018-04-11 4:39 AM
Since iPhones and iPads are now ubiquitous, I’m not convinced that Apple is more secure than alternatives .
Parent - By Tommeke Date 2018-04-11 8:01 AM
I totally agree with Tom Cruise.
However, this is more of an internet protocol thing rather than one or the other operating system being more secure.
Most browsers on all systems will warn you that connections are not secure.

web requests and such are pretty old technology, so a lot is just send around in free text. So when you fill in boxes like your username and password, someone on the network (between your computer and the server) could potentially read that data packet.
Most likely these servers are linux, and your Apple system will just send these same requests just as happily. But once it's send it's in the intertubes, and that's where it can be sniffed.
Parent - - By tahoeblue (spamkiller) Date 2018-04-11 11:29 AM Edited 2018-04-11 12:29 PM
This site is not secure.  When you log in and enter your password, it is sent in unencrypted form to the server.  That means that anyone who is snooping the network can get your password.  I've made the mistake of logging in here while at nerd conferences and had my password swiped. 

Logging in from home is generally safe as most ISP's don't bother snooping their lines to try and get passwords to hack into accounts.  Logging in from any public infrastructure is something you should think twice about - you're really trusting the operator of those access points and networks to not be spying on their clients.

BTW - our friends at the NSA know everyones password here.  It's very good practice to use a very different password here than on any other account you have.  Standard hacking practice is to try your known password on other sites.  That's how I used to do it when Uncle paid me to do so.
Parent - - By Tommeke Date 2018-04-11 12:10 PM
Are you trying to deny responsibility for some of your lesser posts :wtf:: pbbt:
Parent - By tahoeblue (spamkiller) Date 2018-04-11 12:28 PM
Parent - - By Industrial Bell [us] Date 2018-04-12 7:28 AM
I'll just vent in here since this is the post that caused my current frustration. I had always just stayed logged in but yesterday I chose to change my password. Well when I first signed up for this site I tried using my user name from Runners World but this one wouldn't allow that many characters.  :mutmad:  So last night I get home and I'm logged out. I try signing in but got something wrong. So I sent for the link to reset the password, but it was with the email I had initially tried to sign up with. So now I have posted using this ridiculous user name. I will try to figure out the correct email address and get logged in properly.
Parent - - By elmtree Date 2018-04-12 10:15 AM
I can change your password for you.  Email me at elmtree24 at yahoo

ETA: actually I can change the email for you also - that will probably work better
Parent - - By IB Date 2018-04-12 1:24 PM
I'll do that. Oddly enough here at work I am logged in correctly. This is where I changed the password yesterday.
Parent - - By The Beard (is wearing Arm Panties) [us] Date 2018-04-12 1:34 PM
I thought that you liked change.

Parent - By IB Date 2018-04-12 1:57 PM
Up Topic General / Letters and Opinions / iOS 11.3 is telling me “website not secure”...

Powered by mwForum © 1999-2015 Markus Wichitill