|
 |
Skiba <abx### [at] babilon org> wrote:
> What is the sense of having password and typing it with ****** when it is not
> coded within hidden field without any secure connection?
So nobody can see on your screen what you typed. As the connection is never
secure, transferring it once more over the network doesn't really make it
less secure. However, on the server the password is stored using the usual
one-way hash method, so nobody can see the real password should povray.org
ever be broken in to.
And keep in mind that all browsers warn you by default if you submit
information though a regular http connection. The site never claims it is
secure either, only that we keep the data confidential (which is exactly
what we do).
> I know that's only
> user info but since further usage for registered users is planned then perhaps
> something more secure could be applied?
I know, ssl would be nice. Maybe in the future. However, only for the
password it is fairly pointless, nearly all the other information being
entered is public anyway...
> I thought further that things like
> buyed cdroms and keyrings will be attached to user info.
Well, it doesn't store address information so far and has no connection to
Chris' order pages. I don't expect this to change in the foreseeable
future.
Thorsten
____________________________________________________
Thorsten Froehlich, Duisburg, Germany
e-mail: tho### [at] trfde
Visit POV-Ray on the web: http://mac.povray.org
Post a reply to this message
|
|
