Comment on Update: Site problems and our firewall upgrade

  1. LucyP Fri 17 Aug 2012 09:01PM UTC

    Hi there!

    It's fine to ask questions here, especially when it's so relevant to the topic of the post (although sometimes Support can be a bit faster to respond - not an issue for you today, though!).

    The firewall upgrade isn't related to https authentication, no. Very roughly speaking, https is a protocol designed to secure communication between your personal computer and another site - for example, it helps prevent someone 'sniffing' your wifi connection and stealing your password when you enter it. The firewall we're installing is designed to secure access to our servers, so it makes it harder for someone to launch an attack which actually accessed our servers and made them do stuff we don't want them to (like, say, giving up ALL the passwords stored on our servers).

    Currently we do have an SSL certificate (which verifies we are who we say we are) and we offer an https connection, but we don't have https authentication built into the app - this is normal for sites like ours which don't handle sensitive data such as payment details, social security numbers, etc. However, if you use a browser extension like https everywhere you will automatically take advantage of our https connection. We might consider integrating https authentication more fully in the future if it seemed necessary, but it's relatively low priority because we're not really handling the kind of data that is usually the target of the type of attacks it protects against.

    Passwords are stored encrypted on our servers and we practise other good security standards, for example we never email you your password in plain text. However, it is always a good idea to protect yourself on any site by ensuring you use a unique and strong password. :)

    I hope that makes sense and answers your question!

    Lucy
    AD&T / Communications / Support

    Addendum: For anyone else who might not previously have paid attention to those little icons in the browser and is now curious, Chrome have a guide to their Website security indicators.

    ETA: Whoops, I had this open in my browser and didn't realise Sam had also commented - much more succinctly than me!

    Last Edited Fri 17 Aug 2012 09:02PM UTC

    Comment Actions

    1. Homeless Fanfic Lover (Guest) Sat 18 Aug 2012 07:24AM UTC

      To LucyP and Sam_J:

      Wow, thanks for such a prompt reply! And thanks, both of your answers make a lot of sense. I'm just really paranoid about my internet safety, and want to make sure my information is protected. Can never be too careful now that identity theft is so common that they have commercials about it, lol. You guys are great and so is this website, and I hope you can get all of the bugs sorted out soon, or you just get more awesome coders (I'd offer, but I barely even know the basics). Keep up the fantastic work!

      Comment Actions