Beefy Boxes and Bandwidth Generously Provided by pair Networks vroom
"be consistent"
 
PerlMonks  

Re: Requiring old password in order to change your password

by andreas1234567 (Vicar)
on Jan 03, 2011 at 09:57 UTC ( #880163=note: print w/ replies, xml ) Need Help??


in reply to Requiring old password in order to change your password

the path of much bigger improvements in security
Is HTTPS support on the list?
--
No matter how great and destructive your problems may seem now, remember, you've probably only seen the tip of them. [1]


Comment on Re: Requiring old password in order to change your password
Re^2: Requiring old password in order to change your password (https)
by tye (Cardinal) on Jan 03, 2011 at 14:07 UTC

    Only for when logging in, yes.

    - tye        

      Thanks, that's one step in the right direction. Additionally, it would be great to consider (optionally) allowing https for all communications (not just logins) in your on-going security review of the site. Some claim SSL/TLS is not computationally expensive any more but that is of course subject to debate.

      Https everywhere is getting a lot of traction and the number of sites that supports https "all the way" is large and growing. It would be great to add perlmonks.org to the list:

      $ ls https-everywhere/src/chrome/content/rules/*.xml | wc -l 426
      --
      No matter how great and destructive your problems may seem now, remember, you've probably only seen the tip of them. [1]

        Yes, allowing https always is on the list after web server performance mitigation is sustained.

        - tye        

        Count me in. I strongly support the widespread use of https.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://880163]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2014-04-20 13:27 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (485 votes), past polls