I've just switched from Gallery2 to Piwigo. I've searched my little heart out but didn't find any answers to my question. I want to ensure that credentials aren't passed in clear text when a user or admin logs in.
When I click on login I'm brought to the identification page but it isn't https. How can I fix this? Also, if I login from the identification menu, are those credentials being passed in clear text as well?
I'm running ubuntu 11.04 with Piwigo installed from the repos.
Thanks,
Offline
Hi mattonm,
Unless you have HTTPS (with a certificate and so on), credentials are passed in clear text. There is a solution based on Digest access authentication but it's not supported by all browsers as far as I remember.
Offline