Forum OpenACS Q&A: Re: Password in ClearText

Collapse
11: Re: Password in ClearText (response to 1)
Posted by Raad Al-Rawi on
To be fair, I think most people/organisations running OpenACS who require a secure login *will* use SSL - that's my impression anyway and that is what we have done at Cambridge University here in the UK. If you just have SSL running on the login page and one or two others, the performance hit is insignificant.

But Andrew S raised a good point about OpenACS.org - should it be configured to provide a secure login? As a showcase site I think it is something worth considering. Perhaps something for the next update?

<Raad>