https-Question

From: Wilhelm Kutting <wkutting@xxxxxxxx>
Date: Thu, 13 Jul 2006 16:13:24 +0200

Hello, i got a little understanding Problem.
on some http-Sites i can log into my Account with Name/Passwort.
The Form-Login-Page ist only http with form action directing to a "secure" https page.
So - in my understanding the username and password is send uncrypted over the Net.
Only the later Communication is done secure.

Am i right that only a https login-Form-page would be safe?
.

Follow-Ups:
- Re: https-Question
  - From: Sherm Pendley
- Re: https-Question
  - From: Nikita the Spider

Prev by Date: Re: is there a way
Next by Date: Re: https-Question
Previous by thread: centering web site pages
Next by thread: Re: https-Question
Index(es):
- Date
- Thread

Relevant Pages

Re: Is this REALLY a secure site?
... >> How can anyone really know if an SSL or HTTPS connection is truly ... Even if it is theoretically secure ... major credit card company wound up making the authorization against my ... > site uses a numerical IP address: those are always bogus. ...
(microsoft.public.windowsxp.general)
Re: Secure an upload page
... The most secure way to do downloads might be to use NTFS ... If the upload page ... I am using https ...
(microsoft.public.inetserver.iis.security)
Re: At What Point Does the Security Begin?
... All secure forms examine this variable, and if empty redirect to the ... all pages behind the login are posted through SSL. ... in which I understand .NET uses a cookie behind ... not secure (it's called at http, not https) but posts to a page ...
(microsoft.public.dotnet.security)
Re: Ethernet cable question.
... I have developed Web HTTPS site ... solutions on the server and on the client end. ... *CAN* be secure. ...
(microsoft.public.windows.vista.general)
Re: Setting up HTTPS w/subdomain on Apache2
... Secure data transfer ... The docs recommended using SSL, ... I'm mistaken, HTTP w/SSL = HTTPS. ... Authentication would be basic or digest (Personally I'm using basic ...
(Ubuntu)