Insecure Login?
Jtring
Registered Users Posts: 675 Major grins
I just saw this. Given I'm clearly on an https site, I suspect my password manager, LastPass, isn't dealing with the popup login box correctly. But is it really possible there's something insecure here? Chrome 72.0.3626.96 on Win10/1809. Anybody else see anything like this?
.
Jim Ringland . . . . . jtringl.smugmug.com
0
Comments
Hello there,
It's not insecure - it has https at the beginning. The problem could be that your LastPass does not fancy the long url, please use the following link to see if you have the same issue: https://secure.smugmug.com/login
I hope this helps! If you would have any further questions, please don't hesitate to let us know.
Take care,
Bea
SmugMug Support Hero
SmugMug Support Hero | My website: www.beabird.net
Hello Bea,
Unfortunately, I got the same message using the shorter URL. LastPass explains here -- https://lastpass.com/support.php?cmd=showfaq&id=7336 -- what causes them to issue that warning. There is a perhaps-relevant discussion of the security of GET on stackoverflow (see https://stackoverflow.com/questions/37328684/should-i-use-get-or-post-when-requesting-sensitive-data). With the login page being https, I'm not all that worried about security, but I did want to a least flag the situation so you were aware of it. It is odd that I'm seeing it in Chrome but not in Firefox.
BTW, I asked here, rather than going right to the help desk, to see to see if anybody else had come across this. From the resounding quiet, it appears not.