Jim O Posted June 29, 2011 Share Posted June 29, 2011 We use SSL for login, but the only way to do it for registration is to make the entire site run using SSL. This adds to server resource consumption and creates problems for serving Google ads. Added to that is the fact that Nexus is not really ready for SSL yet (I'm told that's in the pipeline), using SSL site-wide not an option. Just as we like to protect passwords during logins, so should we protect personally identifiable or private information like dates of birth and email addresses, not to mention the initial password. The password reset form should also be made available under SSL as well Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.