Home AMXForums Archive Threads AMX Website/Forums

Secure login into amx.com

maxifoxmaxifox Junior MemberPosts: 209
I would strongly vote for encryption of login credentials while submitting them to the site. Currently the credentials (username/password) are transmitted in clear and vulnerable to theft by trivial sniffing. The issue is getting higher as one connecting to his/her AMX account from various places, which security he cannot control - this is common for an AMX developer working onsite.

Would AMX consider to provide HTTPS for login page at least? I believe both parties will benefit from the move.

Basically, it can be done at zero cost, meaning without purchasing a certificate from a Certificate Authority, but using a self-signed certificate. I am sure, AMX has excellent IT staff to deal with the matter.

Comments

  • jjamesjjames AMX Sustaining Engineer Posts: 2,901
    I never noticed and am not that concerned, but I second the motion.
  • DHawthorneDHawthorne Junior Member Posts: 4,584
    I've always treated forum and website logins like the hotel doorman. He's not going to stop a concerted attempt to infiltrate the building, and only needs minimal ID to let you in. So I don't fuss much about such logins, and have very simple passwords. Any site that uses financial information, or sensitive private data - that's more like the clerk at the bank. They are harder to please, and I use "stronger" credentials.

    Bottom line is, I'm not fussed really. I don't order online with AMX, I pick up the telly. The very worst that could happen if someone hacked my web account is ... well, I don't think it would matter at all.
  • ericmedleyericmedley Senior Member - 4000+ posts Posts: 4,177
    maxifox wrote:
    I would strongly vote for encryption of login credentials while submitting them to the site. Currently the credentials (username/password) are transmitted in clear and vulnerable to theft by trivial sniffing. The issue is getting higher as one connecting to his/her AMX account from various places, which security he cannot control - this is common for an AMX developer working onsite.

    Would AMX consider to provide HTTPS for login page at least? I believe both parties will benefit from the move.

    Basically, it can be done at zero cost, meaning without purchasing a certificate from a Certificate Authority, but using a self-signed certificate. I am sure, AMX has excellent IT staff to deal with the matter.


    [my 2?]
    I suppose I would agree to such a change. It's not really going to cause much heartache at our end and it will help keep the riff raff out.

    I don't think making the whole site https would be such a good idea as we all know how these MySQL based forum sites can mess up an URL.

    [/my 2?]
  • maxifoxmaxifox Junior Member Posts: 209
    Ericmedley, not the whole site, of course. Submitting the credentials, at least...
    Exactly, like Yahoo or Google Mails are doing...
Sign In or Register to comment.