[Project_owners] Creating applications with Mozilla
grimholtz at yahoo.com
Wed Aug 24 07:36:49 EDT 2005
True about Yahoo, but as I wrote before--if you look at the HTML of
password before submitting it over HTTP. This "hides" your password
to snoopers, although it is susecptible to dictionary attacks. Gmail
does use SSL for login; not why you said they don't?
--- Michael Vincent <mv_van_rantwijk at yahoo.com> wrote:
> Eric Jung wrote:
> > --- Michael Vincent <mv_van_rantwijk at yahoo.com> wrote:
> >> Why on earth do you need 'hyper-secure' password for? I mean,
> >> data,
> >> even passwords, is send in plain text anyway. Most sites, even
> >> banks,
> >> don't even use SSL for all their pages!
> > Maybe the banks in The Netherlands work that way, but not here in
> > US! I used to work for Mellon, a large financial investment
> > in the US. We always used SSL. And all my personal banks use SSL.
> > FYI, yes, there are some sites which send passwords in clear-text
> > (like Yahoo! Mail), but if you look at their source code, you'll
> > HTTP. Granted, this isn't ideal because of sites like
> > http://gdataonline.com, but it's better than nothing. Why they
> > use SSL for login like gmail, I wish I knew. Anyway, I'm quite
> > surprised you've found banks which don't use SSL. I would stay
> > from them!
> Sure all banks use SSL for login sessions, but most forums like
> MozillaZine and (web)mail and others don't use SSL at all, or not
> on all
> pages. Just look at Gmail, Yahoo.com, Netscape.net et all ;)
> Project_owners mailing list
> Project_owners at mozdev.org
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the Project_owners