Hello all!

I have an issue with this site's security because, well, there isn't any. The login is not secure so password changes can be intercepted, and if I go to email account setup page you're printing the password out in plain text - not a good thing to do on an unsecure connection.

Are there any plans to make the site SSL-secured after login?

Best regards,
DM

Hello DM,

The control panel should be secure. It sounds like a site design problem (linking to http rather https). Can you let me know how you get to the control panel?

Thanks

[b]quote:Originally posted by cryowizard


Hello all!

I have an issue with this site's security because, well, there isn't any. The login is not secure so password changes can be intercepted, and if I go to email account setup page you're printing the password out in plain text - not a good thing to do on an unsecure connection.

Are there any plans to make the site SSL-secured after login?

Best regards,
DM
</blockquote id="quote"></font id="quote">

Bruce,

I agree it sounds like design problem -- if you go to www.discountasp.net and log in from the top left login form, you do not get an https link but a simple http.

http://www.discountasp.net/ControlPanel/default.aspx

I have substituted http with https and was connected securely. This leads me to believe the form simply has the wrong link.

Best,
DM

[b]quote:Originally posted by bruce

Hello DM,

The control panel should be secure. It sounds like a site design problem (linking to http rather https). Can you let me know how you get to the control panel?

Thanks

[b]quote:Originally posted by cryowizard


Hello all!

I have an issue with this site's security because, well, there isn't any. The login is not secure so password changes can be intercepted, and if I go to email account setup page you're printing the password out in plain text - not a good thing to do on an unsecure connection.

Are there any plans to make the site SSL-secured after login?

Best regards,
DM
</blockquote id="quote"></font id="quote">
</blockquote id="quote"></font id="quote">

Thanks for letting us know.

We will fix this problem asap. In the mean time you can go to https://my.discountasp.net

Thanks again.

[b]quote:Originally posted by cryowizard


Bruce,

I agree it sounds like design problem -- if you go to www.discountasp.net and log in from the top left login form, you do not get an https link but a simple http.

http://www.discountasp.net/ControlPanel/default.aspx

I have substituted http with https and was connected securely. This leads me to believe the form simply has the wrong link.

Best,
DM

[b]quote:Originally posted by bruce

Hello DM,

The control panel should be secure. It sounds like a site design problem (linking to http rather https). Can you let me know how you get to the control panel?

Thanks

[b]quote:Originally posted by cryowizard


Hello all!

I have an issue with this site's security because, well, there isn't any. The login is not secure so password changes can be intercepted, and if I go to email account setup page you're printing the password out in plain text - not a good thing to do on an unsecure connection.

Are there any plans to make the site SSL-secured after login?

Best regards,
DM
</blockquote id="quote"></font id="quote">
</blockquote id="quote"></font id="quote">
</blockquote id="quote"></font id="quote">

Hello,

I'm glad I read this thread.

Levi

Hi Levi

> Cleartext email passwords on management page. Is there a way to manage
> with SSL?

I'm not sure I understand your questions completely. If you are asking for a secure web-based method to do email, you can use the Secure Login link on your webmail interface to access a secure enviroment. However, please note that the secure environment will use our domain name (instead of yours).

If I haven't completely answered your question, please let us know.

Technical Support Department
DiscountASP.NET
The power of ASP.NET for less