Zholef
Warlord
- Joined
- Feb 20, 2014
- Messages
- 192
You've recently given this website a makeover, made it pretty for the release of Civ6 and more compatible with smartphones, I hear. That's something, I guess, but everyone's passwords are still transmitted in cleartext, meaning they can be seen by anyone in between this website and its users' end devices, for example by the owner of a hotspot. With that in mind, you might as well post everyone's passwords on the front page and that would make all our accounts only sightly less secure. My point is, buy a certificate and allow access through HTTPS. I don't mean to sound ungrateful; this is a wonderful if insecure free-to-use website, but it's almost 2017 and not using encryption is getting embarrassing. Anyway, just a suggestion.