Login page connection is not encrypted

Discussion in 'General Archive' started by nvmind, Jan 29, 2017.

Dear forum reader,

if you’d like to actively participate on the forum by joining discussions or starting your own threads or topics, please log into the game first. If you do not have a game account, you will need to register for one. We look forward to your next visit! CLICK HERE
Thread Status:
Not open for further replies.
  1. nvmind

    nvmind Forum Inhabitant

    I don't know about the client, but if you play from the browser, the login page, where you put your username and password, is not encrypted. Therefore anyone that sniffs in your network or anywhere on internet between you and the server can see your user and pass in clear text. No wonder so many accounts are hijacked.
    Moreover, having the bank account details saved within the game and the password sent over the network in clear text is a very bad combination.
    Can someone from the DSO team comment on this ?
     
    nvmind, Jan 29, 2017
    #1
  2. MikeyMetro

    MikeyMetro Forum Overlooker

    Wiley Wiggins (that mysterious shadowy figure behind the curtain :cool:) made this post that explains the situation.

    Luck be with ye,
    Mikey,
    Tegan

    p.s. If you read Mozilla's release notes from update 51.01 it somewhat makes sense o_O
     
    MikeyMetro, Jan 30, 2017
    #2
    Mal3ficent likes this.
  3. nvmind

    nvmind Forum Inhabitant

    Hopefully they are right and the browser is wrong. Thanks for the link.
     
    nvmind, Jan 30, 2017
    #3
  4. Sunlight

    Sunlight User

    Hey there @nvmind ,

    As @MikeyMetro wrote (and thank you for your support), you can trust on our website. When you login, you will see that any security message will pop up and that warning message "Not secure" will disappear.


    So, don't worry and have fun ;)
    Cheers,
     
    Sunlight, Jan 30, 2017
    #4
  5. tassadar1977

    tassadar1977 Forum Expert

    I don't think it was the new browser changes that were getting commented upon, but the fact that it doesn't use https and sends login information in clear text
     
    tassadar1977, Jan 30, 2017
    #5
  6. MikeyMetro

    MikeyMetro Forum Overlooker

    Nope, it was precisely the browser change that did this. I have my Firefox set to manually install updates. When the post was made by W.W. nothing changed on my login since DSO had done nothing and I had not installed the update to my browser yet. As soon as I installed Firefox 51.01... presto chango, I get the cute little lock with the red line through it.

    As far as the login being sent in clear text just watch what is being loaded when you click on the login page. You are already on a secure net before you type in anything.

    Much ado about nothing... just roll with it ;)

    Luck be with ye,
    Mikey,
    Tegan
     
    MikeyMetro, Jan 31, 2017
    #6
  7. tassadar1977

    tassadar1977 Forum Expert

    just because the fact that the form action is https does not make it secure. if the page it is on is not secure then it could have easily had code injected in it to either keylog, or change the form action. I don't use firefox so cant comment on the changes to that.
     
    tassadar1977, Jan 31, 2017
    #7
  8. ijzerreus

    ijzerreus Forum Apprentice

    I play using Firefox, this is the message given by Firefox:

    [​IMG]
     
    ijzerreus, Feb 1, 2017
    #8
Thread Status:
Not open for further replies.