Index Ask! Random

Question: Shoudl I provide passwords at unsecure sites?

Doug,

In a previous answer, you said I should never provide credit card/bank information over a site that is http instead of https.

What about passwords? Many sites, like message boards and other sites that require member login, are http instead of https. Isn't my password unsecure?

Thanks

Answer

You are absolutely right. Most message boards and other sites that have membership options do not handle your login information through a secure layer, which means it is unencrypted, and anyone who manages to intercept data packets can read it.

Does this mean you should never use sites like this? No. What it does mean is, you should have a password for unsecure sites which is different from passwords you use for banking and credit card transactions, or anything else which requires security.

When I join a message board, I am aware that there exists a tiny possibility that when I log in, someone might hack my account, but I really don't care, because hacking those membership passwords will not give the hacker access to anything more critical than the ability to post under my name. (And, to date, that has never happened)

What if you've already used a password that is used for secure transactions? Most sites have an option to change your password. Look for that option and change it to something else at your earliest convenience. I would also recommend changing your password for secure transactions as well.


Bookmark and Share