WebApp Sec mailing list archives
Re: Should login pages be protected by SSL?
From: Saqib Ali <docbook.xml () gmail com>
Date: Tue, 21 Jun 2005 07:15:08 -0700
In my opinion protecting the login using SSL is a good idea, and I do it myself. However it does not prevent from phishing etc. A phishing site owner can easily get a SSL protected website as well. I think a better approach is to use Netcraft Anti-Phishing toolbar < http://toolbar.netcraft.com/ > It clearly displays sites' hosting location, including country, helping you to evaluate fraudulent urls (e.g. the real citibank.com or barclays.co.uk sites are unlikely to be hosted in the former Soviet Union). -- In Peace, Saqib Ali http://www.xml-dev.com/
Current thread:
- Re: [summary] Re: Should login pages be protected by SSL?, (continued)
- Re: [summary] Re: Should login pages be protected by SSL? Michael Silk (Jun 24)
- Re: Should login pages be protected by SSL? Dave Ockwell-Jenner (Jun 22)
- Re: Should login pages be protected by SSL? Achim Hoffmann (Jun 23)
- Re: Should login pages be protected by SSL? Michael Silk (Jun 20)
- Re: Should login pages be protected by SSL? Andy bentley (Jun 20)
- RE: Should login pages be protected by SSL? Glenn Euloth (Jun 21)
- Re: Should login pages be protected by SSL? bluewizard83-de4gahsh (Jun 21)
- Re: Should login pages be protected by SSL? Peter Watkins (Jun 21)
- Re: Should login pages be protected by SSL? Kalyan Varma (Jun 21)
- Re: Should login pages be protected by SSL? Stefano Di Paola (Jun 21)
- Re: Should login pages be protected by SSL? Saqib Ali (Jun 21)
- Message not available
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Saqib Ali (Jun 21)
- Re: Should login pages be protected by SSL? Ian Rogers (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Achim Hoffmann (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Torsten Mueller (Jun 21)
- RE: Should login pages be protected by SSL? Almerindo Graziano (Jun 21)
- Webapp-level protection/detection of Pharming attacks WebAppSecurity [Technicalinfo.net] (Jun 21)