QUOTE(trick-e @ May 31 2019, 08:14 PM)
I would clarify and add that it’s not a big deal unless one uses the same credentials for another site or account. Don’t do that. If a bad actor gets your credentials to a non-secure site, they will be the first credentials they try to hack your email or banking account with. Make your passwords unique gang.
Just to clarify, having a "unsecure" login page on 914world means that someone can theoretically get your 914world password if:
- They hacked your computer and intercept your login message. However, at that point they probably already have a key-logger installed, so even if we had a SSL certificate, you'd still be hacked and your password would be compromised.
- Your ISPs router(s) are hacked
- Our server is hacked
That's pretty much it. If none of the above is true, there is no difference between a "secure" login page and a "unsecure" login page.
PS: Having separate passwords is good advice though. Don't use the same password for 914world and your online banking!