SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Aug 2001
    Location
    Sussex, WI
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Secure login form not on SSL?

    I think I have a pretty good understanding of what a Secure Socket Layer is for, but I have a question regarding how it's being used by some companies that puzzles me....

    One of my major clients is a community bank. They would like to put a login form for their online banking site on the home page of their web site.

    To me, a login name and password is information that should not be sent in plain text, so I would think that if a login form is put on the home page, the home page should be on a secure socket layer, no? (Well, I feel that the login page should not be on the homepage because most people won't know to type "https://" when visiting the site, hence I'd have to redirect all users to the secure portion of the site every time they hit the home page.)

    The reason why I'm asking this is that some *big banks* do have their login pages on a secure (SSL) page, where as some don't. For example, http://www.wellsfargo.com/ doesn't have their home page on an SSL, but they have a login form on it... is that a good idea? From my understanding, a username and password sent from the Wells Fargo home page would be sent in plain text from the client browser to the secure server... creating a security risk, no? Am I missing something? Wells Fargo's "security" link (just below the login form) claims that all communications are encrypted, even though the home page is not on an SSL... how is that possible?

    Thanks in advance...
    Sincerely,
    Todd M. Taylor

  2. #2
    SitePoint Member
    Join Date
    Aug 2001
    Location
    Sussex, WI
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up

    Ah... I found my answer on Google:

    http://groups.google.com/groups?hl=e...om%26rnum%3D65

    The above link discusses some pretty interesting points... worth the read if you had the same questions I did.
    Sincerely,
    Todd M. Taylor


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •