SecurityFocus

Should login pages be protected by SSL? Jun 20 2005 04:20PM
Amir Herzberg (herzbea macs biu ac il) (7 replies)

Re: Should login pages be protected by SSL? Jun 21 2005 02:15PM
Saqib Ali (docbook xml gmail com)

In my opinion protecting the login using SSL is a good idea, and I do
it myself. However it does not prevent from phishing etc. A phishing
site owner can easily get a SSL protected website as well.

I think a better approach is to use Netcraft Anti-Phishing toolbar <
http://toolbar.netcraft.com/ >

It clearly displays sites' hosting location, including country,
helping you to evaluate fraudulent urls (e.g. the real citibank.com or
barclays.co.uk sites are unlikely to be hosted in the former Soviet
Union).

--
In Peace,
Saqib Ali
http://www.xml-dev.com/

[ reply ]

Re: Should login pages be protected by SSL? Jun 21 2005 11:40AM
Stefano Di Paola (stefano dipaola wisec it)

Re: Should login pages be protected by SSL? Jun 21 2005 09:14AM
Kalyan Varma (kalyan rtns org)

Re: Should login pages be protected by SSL? Jun 21 2005 06:28AM
bluewizard83-de4gahsh yahoo com

Re: Should login pages be protected by SSL? Jun 21 2005 12:42AM
Andy bentley (andy bentleyconsulting biz)

Re: Should login pages be protected by SSL? Jun 21 2005 12:23AM
Michael Silk (michaelslists gmail com)

Re: Should login pages be protected by SSL? Jun 20 2005 11:41PM
Andrew van der Stock (vanderaj greebo net)