SSL encryption

[ajd]

Could we please get SSL (HTTPS) enabled on this site?

SSL is generally a good thing to have, but now that Verified Airline Status has been launched - I have enough issues with giving my credentials to a third party, but I am most definitely not comfortable with entering authentication details over an insecure connection.

From the moment you enter your password, it is never stored as plain text.

Well, it's not stored in plain text - but given that there's no SSL nor any client-side encryption, it is most definitely transmitted in plain text.

 

[admin]

We actually have installed SSL on our server. The problem is that as the site wasn't designed to run on https pages, some cosmetic problems can occur if https is the default. We are looking at correcting this.

In the interim and if you prefer, you can use the https page. Simply replace "http" with "https" on the page you are viewing to use that page securely.

Different browsers have different ways of representing that the page is secure. Below is how the Settings>Edit Profile page looks on Chrome using https. The arrow points to the icon showing that the page is secure.

Could we please get SSL (HTTPS) enabled on this site?

SSL is generally a good thing to have, but now that Verified Airline Status has been launched - I have enough issues with giving my credentials to a third party, but I am most definitely not comfortable with entering authentication details over an insecure connection.



Well, it's not stored in plain text - but given that there's no SSL nor any client-side encryption, it is most definitely transmitted in plain text.

 

[DeKa]

Some food for thought: http://www.theregister.co.uk/2014/08/07/google_boosts_search_ranking_for_encrypted_websites/