No secure login?

[jfhtm350]

Not sure how long this has been going on but I just noticed that the login on the RR database and the Forum are not encrypted. Anyone who grabs the Post packet going from my computer to the server can easily have my login name and password, then login as me and get my information.

If I type https://www.radioreference.com/apps/account/ then encryption is available. Why is it not being utilized?
The forum wont load if I type in https:// so its unavailable.

 

[KI4RDO]

Really is that your biggest concern? Someone stealing your RR login. Yes it should be done as a precaution and for security reasons, but having my RR login secure is the least of my worries

Sent from my SAMSUNG-SGH-I337 using Tapatalk

 

[jfhtm350]

Well PM me your login name and password and we will see how concerned you get.

 

[n4yek]

Really is that your biggest concern? Someone stealing your RR login.

Have someone login in with your name, post some negative comment or do verbal attacks on other members or even a moderator and you will have you account banned.
So yea, it can be a problem

 

[RonnieUSA]

Not sure how long this has been going on but I just noticed that the login on the RR database and the Forum are not encrypted. Anyone who grabs the Post packet going from my computer to the server can easily have my login name and password, then login as me and get my information.

If I type https://www.radioreference.com/apps/account/ then encryption is available. Why is it not being utilized?
The forum wont load if I type in https:// so its unavailable.

You can log in to the main page using https://www.radioreference.com
Just tried it.

 

[jfhtm350]

I noticed If I go to https://www.radioreference.com/ then browse the RR links it will stay https://, but if you go to the forum it reverts back to http:// so you could not do the workaround at the forum.

 

[RonnieUSA]

I noticed If I go to https://www.radioreference.com/ then browse the RR links it will stay https://, but if you go to the forum it reverts back to http:// so you could not do the workaround at the forum.

No, but I tried, and it reverted hack to the http:, no secure link.

 

[QDP2012]

Not sure how long this has been going on but I just noticed that the login on the RR database and the Forum are not encrypted.

A thread from last year suggests that it has been this way for quite some time.

https (secure) enforced not working


EDIT: Here is a link to Mr. Blanton's reply on this same question, back in 2006:

Webwasher targets radioreference.com (post #17).


Hope this helps,

 

[jfhtm350]

I searched the forum but I could find nothing, thanks for the links.

It appears an administrator never bothered to answer the guys thread about this last year. It also appears one is not going to answer this one. There is more hacking going on today than there was 6 or 7 years ago and I dont provide anyone any more information than I care to loose, but alot of people are not like that. Ive been here for 3 years and just noticed it. Im a little wiser than I was 3 years ago also. They should put "This is not a secure login" in big letters on the login pages if they are not going to use encryption just for the benefit of the members so they will not put any info they care to loose either.

 

[blantonl]

I noticed If I go to https://www.radioreference.com/ then browse the RR links it will stay https://, but if you go to the forum it reverts back to http:// so you could not do the workaround at the forum.

We haven't implemented https for the forums but we'll get it on the roadmap and done here shortly.

 

[jfhtm350]

10-4. Thanks for replying and letting us know something.