🌍
English
Announcement
- [2024-04-17] Piwigo 14.4.0
- [2024-04-01] Piwigo in Hobbit runes
- [2024-03-01] Piwigo 14.3.0
- [2024-01-30] Piwigo 14.2.0
- [2023-12-29] Piwigo 14.1.0
#1 2011-08-30 18:32:27
- mattonm
- Member
- 2011-08-30
- 1
login security
I've just switched from Gallery2 to Piwigo. I've searched my little heart out but didn't find any answers to my question. I want to ensure that credentials aren't passed in clear text when a user or admin logs in.
When I click on login I'm brought to the identification page but it isn't https. How can I fix this? Also, if I login from the identification menu, are those credentials being passed in clear text as well?
I'm running ubuntu 11.04 with Piwigo installed from the repos.
Thanks,
Offline
#2 2011-08-31 20:25:50
- plg
- Piwigo Team
- Nantes, France, Europe
- 2002-04-05
- 13791
Re: login security
Hi mattonm,
Unless you have HTTPS (with a certificate and so on), credentials are passed in clear text. There is a solution based on Digest access authentication but it's not supported by all browsers as far as I remember.
Offline