The Saving Advice Forums - A classic personal finance community.

Saving Advice Web Site - Security Tip

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Saving Advice Web Site - Security Tip

    When you log on to SA, please be sure to type out the full address https://www.savingadvice.com

    If you just type savingadvice.com it will take you to an insecure login. According Mozilla (Firefox): "if you enter your password it could be stolen by eavesdroppers and attackers."
    Tags: None
  • #2
    Oh wow! I had been using the other one, or at least today! Luckily, I don't use this password for other sites, but I will definitely change it.

    How did you come to realize this, scfr?
    My other blog is Your Organized Friend.

    Comment

    • #3
      Hi Guys,

      This issue should be taken care of in the new tech upgrade. The mods are well aware of it.

      Best,

      James
      james.c.hendrickson@gmail.com
      202.468.6043

      Comment

      • #4
        Originally posted by creditcardfree View Post
        Oh wow! I had been using the other one, or at least today! Luckily, I don't use this password for other sites, but I will definitely change it.

        How did you come to realize this, scfr?
        I had also been using the other.

        When I updated to Firefox 51 I saw a padlock with red strike through and these warnings when I clicked for info:

        "Connection is not secure.
        Logins entered on this page could be compromised.

        This is a new feature that is available starting in Firefox version 51.

        Firefox will display a lock icon with red strike-through red strikethrough icon in the address bar when a login page you’re viewing does not have a secure connection. This is to inform you that if you enter your password it could be stolen by eavesdroppers and attackers."

        When I type in the full address with the S included, I see the green padlock with the message "Secure Connection."

        Comment

        • #5
          Originally posted by james.hendrickson View Post
          Hi Guys,

          This issue should be taken care of in the new tech upgrade. The mods are well aware of it.

          Best,

          James
          Thanks, James.
          So for now, the best thing is for anyone to type out the https address before logging in, yes?

          Comment

          • #6
            Hi Guys,

            The only additional information I can share on this is that saving advice uses an older architecture which does not use https, but gathers passwords. What's happening is the entire web industry is moving towards addressing this issue - google is aware and is penalizing sites that don't use https, so is Mozilla. Hence the warnings

            It's been on our radar screens for three weeks, the upgrade should be happening soon (in the next week or so), which should take care of the issue.

            Thanks for everyones patience and we are working to resolve the issue ASAP.

            - James
            james.c.hendrickson@gmail.com
            202.468.6043

            Comment

            • #7
              Wow. Thanks for the advise. Good thing, I have not had any similar experience when I visit this website.

              Comment

              • #8
                Originally posted by scfr View Post
                When you log on to SA, please be sure to type out the full address

                If you just type savingadvice .com it will take you to an insecure login. According Mozilla (Firefox): "if you enter your password it could be stolen by eavesdroppers and attackers."
                Yikes. Thanks for the tip.

                Comment

                Previous template Next
                Working...
                X