Complete

This community should be secure

  • 12 June 2013
  • 2 replies
  • 1530 views

Userlevel 2
It is using https, but does not provide identity information.
 
I am sure I don't have to point out to you, how this could be exploited.
 
It also just looks bad for a security company to ignore such a thing.

2 replies

Userlevel 7
If a user is visiting using HTTPS, everything on the page is encrypted except any content that is referenced using HTTP instead of HTTPS. e.g: certain images or fonts. The reason it is stating the certificate is not verified is because of the non-SSL assets and content on the page. Everything on the page that is using HTTPS is encrypted, which includes registration, login, private messages, posts, and any other personally identifiable information.
Userlevel 7
Badge +36
Please refer to the comment below for more information.

Reply