2012-08-25, 04:56 PM
Regardless of how many times we advise users not to, they often use the same password for multiple websites. This means that if someone catches your password even once, they can gain access to your entire online life. That's scary.
Securing an entire forum through SSL is usually unnecessary, but wherever passwords are required to be entered the use of Secure Socket Layer can deliver some piece of mind and show your member (and future members) that you give a damn about their privacy.
It would be incredibly handy if this was a available in the Admin section with a simple radio button, like: SSL on Login? Yes / No
The reason I believe this should be done through MyBB and not as a plugin is that plugins tend to fall behind with updates and become less dependable. Well, that and plugins can be submitted by anyone, and you never know if someone's actually harvesting passwords instead of helping to protect them. This would also be useful for people who operate both a forum and ecommerce website, as MyBB doesn't play well with integration at this time. This, in turn, causes members to sign up twice, once for the website and a second time for the forum. Chances are really strong that their password for both will be the same, which is a high security risk because their credit card information may be stored on the main website.
Just figured it was worth some consideration.
Securing an entire forum through SSL is usually unnecessary, but wherever passwords are required to be entered the use of Secure Socket Layer can deliver some piece of mind and show your member (and future members) that you give a damn about their privacy.
It would be incredibly handy if this was a available in the Admin section with a simple radio button, like: SSL on Login? Yes / No
The reason I believe this should be done through MyBB and not as a plugin is that plugins tend to fall behind with updates and become less dependable. Well, that and plugins can be submitted by anyone, and you never know if someone's actually harvesting passwords instead of helping to protect them. This would also be useful for people who operate both a forum and ecommerce website, as MyBB doesn't play well with integration at this time. This, in turn, causes members to sign up twice, once for the website and a second time for the forum. Chances are really strong that their password for both will be the same, which is a high security risk because their credit card information may be stored on the main website.
Just figured it was worth some consideration.