This topic contains 1 reply, has 2 voices. Last updated by Bruce 3 years, 7 months ago.
Topic Author | Topic |
---|---|
Posted: Monday May 20th, 2013 at 11:35 pm #50247 | |
Hello my friends, We use an SSL certificate that is verified, extended validation, 256-bit Secure Sockets Layer encryption for pages which use financial info (e.g. registration, upgrades and billing forms). We have a user who is concerned about: A. Logging into our site on public networks because we do not use SSL on the login page, and B. About pages with user data also not using SSL. They referenced the codex article: http://codex.wordpress.org/Administration_Over_SSL Their concern about packet sniffing user data sent in the clear seems valid. What are your recommendations about securing login, admin pages and user info pages? Thank you, Chris |