| Original message (1901 Views )
|
Replies: |
| PSN: n/a
XBL: n/a
Wii: Switch:SW-3634-5515-7312
STM: n/a
CFN: n/a
|  "Re(5):Paging Professor (HTTPS implementation)" , posted Sun 17 May 10:19:  
quote:
It worked for me on mobile, both in this thread and in an ancient one I tried as a test! Nice job, Prof! I’ll try on a computer later.
Cool! Did either of you need to retype your logins or anything, or was it like just as usual?
It's just like the usual, actually. Nothing seems to be broken, or at least from what I could tell.
Speaking of which, I was also wondering if enhanced password security would be something that could be implemented in the (hopefully very near) future, as well. Was thinking support for more complex passwords (special characters and the like) and an opt-in for 2-factor authentication (with support for authenticator apps like Google Authenticator and Authy), but it might be asking too much from such a close-knit board, not to mention the amount of people who would be ticked-off with the need for 2FA. Considering what's been happing though with more online accounts getitng hacked, it would be prudent to tighten or at least upgrade security a bit.
I'd like to hear from the community at the very least. Especially with more people at home due to the circumstance and with more people active online, it's something we should at least look into.
[this message was edited by sfried on Sun 17 May 10:30] |
| PSN: ShikyohMukuro
XBL: IAMDC1
Wii: n/a
STM: N/A
CFN: n/a
|  "Re(5):Re(10):Paging Professor (HTTPS implemen" , posted Wed 20 May 09:41
quote:
I have entered...the Grid. A digital frontier. Ah, I mean I have entered HTTPS Super Dimensional Space Fortress MMCafe via a PC this time, and can confirm that there was no need to log in again and things were working fine as long as I was in Expresso mode. Once I swapped to Classic mode (even within the MMC retro aesthetic, I prefer the most retro version possible), some avatars did indeed disappear, and the site connection was no longer secure. So it means that people -not- viewing in Expresso mode will suddenly stop seeing a lot of avatars. Broken Avatar Club is making a comeback!
Yeah, the external site avatars will disappear if you're viewing via classic mode in HTTPS-- it won't disappear in regular HTTP viewing!
It took about 2 days of various tweaking but I think the BBS and site itself is working relatively stable now with SSL. Some BBS Post-icons will break when a new reply goes up, but it'll fix itself on the next post/update after that so don't worry.
Everything is working fine on my end. Phone, tablet, desktop. I don't think I am using classic mode though. Glad you tweaked to for some security. Just keep in mind SSL is phasing out. TLS 1.2 and above will be the standard now.
Long Live I AM!
|
| | "Re(6):Re(10):Paging Professor (HTTPS implemen" , posted Wed 20 May 12:16:
quote:
I have entered...the Grid. A digital frontier. Ah, I mean I have entered HTTPS Super Dimensional Space Fortress MMCafe via a PC this time, and can confirm that there was no need to log in again and things were working fine as long as I was in Expresso mode. Once I swapped to Classic mode (even within the MMC retro aesthetic, I prefer the most retro version possible), some avatars did indeed disappear, and the site connection was no longer secure. So it means that people -not- viewing in Expresso mode will suddenly stop seeing a lot of avatars. Broken Avatar Club is making a comeback!
Yeah, the external site avatars will disappear if you're viewing via classic mode in HTTPS-- it won't disappear in regular HTTP viewing!
It took about 2 days of various tweaking but I think the BBS and site itself is working relatively stable now with SSL. Some BBS Post-icons will break when a new reply goes up, but it'll fix itself on the next post/update after that so don't worry.
Everything is working fine on my end. Phone, tablet, desktop. I don't think I am using classic mode though. Glad you tweaked to for some security. Just keep in mind SSL is phasing out. TLS 1.2 and above will be the standard now.
Thanks for the reminder-- I need to correct myself and say that MMCafe is working with TLS now (1.2 as of current), not SSL!
Edit: Forgot to mention, the site doesn't force HTTPS connection to users on classic mode, so if you're jumping from an old bookmark you'll still be seeing the site in HTTP connection. It reroutes for Expresso mode though.
[this message was edited by Professor on Wed 20 May 17:35] |
|
|
"Re(4):Re(10):Paging Professor (HTTPS implemen" , posted Mon 18 May 11:33:
