Insecure Login?

JtringJtring Major grinsCaliforniaPosts: 462Registered Users Major grins

I just saw this. Given I'm clearly on an https site, I suspect my password manager, LastPass, isn't dealing with the popup login box correctly. But is it really possible there's something insecure here? Chrome 72.0.3626.96 on Win10/1809. Anybody else see anything like this?

.

Jim Ringland . . . . . jtringl.smugmug.com

Comments

  • BeaBea Bea SmugMug Support Hero Posts: 95Registered Users Big grins

    Hello there,

    It's not insecure - it has https at the beginning. The problem could be that your LastPass does not fancy the long url, please use the following link to see if you have the same issue: https://secure.smugmug.com/login

    I hope this helps! If you would have any further questions, please don't hesitate to let us know.

    Take care,
    Bea
    SmugMug Support Hero

    Bea
    SmugMug Support Hero | My website: www.beabird.net
  • JtringJtring Major grins CaliforniaPosts: 462Registered Users Major grins

    Hello Bea,

    Unfortunately, I got the same message using the shorter URL. LastPass explains here -- https://lastpass.com/support.php?cmd=showfaq&id=7336 -- what causes them to issue that warning. There is a perhaps-relevant discussion of the security of GET on stackoverflow (see https://stackoverflow.com/questions/37328684/should-i-use-get-or-post-when-requesting-sensitive-data). With the login page being https, I'm not all that worried about security, but I did want to a least flag the situation so you were aware of it. It is odd that I'm seeing it in Chrome but not in Firefox.

    BTW, I asked here, rather than going right to the help desk, to see to see if anybody else had come across this. From the resounding quiet, it appears not.

    Jim Ringland . . . . . jtringl.smugmug.com
Sign In or Register to comment.