Insecure Login?

JtringJtring Major grinsCaliforniaRegistered Users Posts: 559 Major grins

I just saw this. Given I'm clearly on an https site, I suspect my password manager, LastPass, isn't dealing with the popup login box correctly. But is it really possible there's something insecure here? Chrome 72.0.3626.96 on Win10/1809. Anybody else see anything like this?

.

Jim Ringland . . . . . jtringl.smugmug.com

Comments

  • BeaBea Bea SmugMug Support Hero Registered Users Posts: 97 Big grins

    Hello there,

    It's not insecure - it has https at the beginning. The problem could be that your LastPass does not fancy the long url, please use the following link to see if you have the same issue: https://secure.smugmug.com/login

    I hope this helps! If you would have any further questions, please don't hesitate to let us know.

    Take care,
    Bea
    SmugMug Support Hero

    Bea
    SmugMug Support Hero | My website: www.beabird.net
  • JtringJtring Major grins CaliforniaRegistered Users Posts: 559 Major grins

    Hello Bea,

    Unfortunately, I got the same message using the shorter URL. LastPass explains here -- https://lastpass.com/support.php?cmd=showfaq&id=7336 -- what causes them to issue that warning. There is a perhaps-relevant discussion of the security of GET on stackoverflow (see https://stackoverflow.com/questions/37328684/should-i-use-get-or-post-when-requesting-sensitive-data). With the login page being https, I'm not all that worried about security, but I did want to a least flag the situation so you were aware of it. It is odd that I'm seeing it in Chrome but not in Firefox.

    BTW, I asked here, rather than going right to the help desk, to see to see if anybody else had come across this. From the resounding quiet, it appears not.

    Jim Ringland . . . . . jtringl.smugmug.com
  • longernamelongername ukRegistered Users Posts: 2 Beginner grinner
    I have this happening every time I go to a smugmug page with a form. Thanks for identifying the source.
Sign In or Register to comment.