Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

Is an unsecured login form ok for member login?

by

Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › Is an unsecured login form ok for member login?

Tagged: secure login, security, SSL, ssl certificate

  • This topic has 6 replies, 3 voices, and was last updated 10 years, 9 months ago by sophie1.
Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • July 20, 2014 at 7:07 pm #11211
    sophie1
    Member

    I’m using estore and emember. Is it ok that the login page is unsecured? I’m totally ignorant on the issue, but I’m hoping that securing the login page would b overkill. I just read an article talking about the “dangers” of unsecured login pages. Thanks for your help!

    July 20, 2014 at 8:10 pm #64484
    wzp
    Moderator

    What do you mean by “secured” and “unsecured?” If the login page is “secured” (i.e. protected), how does a person “see it,” in order to log in?

    July 20, 2014 at 9:59 pm #64485
    sophie1
    Member

    hi. i’m getting set to launch my site and trying to learn what the security issues are that i’m supposed to address. I just installed your security plugin and got the security strength meter up to 230, which i’m hoping is pretty good. I’m also using blogvault to back up my site regularly. Should i be concerned that someone can easily discover the password and username of one of my members (i have a free membership level)? I was thinking that if they can do that, then they can access the link leading to all the videos the member has purchased. I realize there is a point where maybe I should just be happy I made a sale to the original user, and that not everything can be prevented. Your thoughts?

    thanks!

    July 20, 2014 at 10:35 pm #64486
    wzp
    Moderator

    Should i be concerned that someone can easily discover the password and username of one of my members (i have a free membership level)? I was thinking that if they can do that, then they can access the link leading to all the videos the member has purchased.

    Unless you are running a CIPA complaint website, or Bitcoin exchange, you have no legal obligation to protect your users from themselves. At some point, personal responsibility has to “kick in.” Here is a sample of something you might place in your Terms & Conditions:

    A password is a confidential string of keyboard characters, known only to a registered user and the computer system upon which mysite.com operates. The password is the means by which a user authenticates their username to the mysite.com website. Each registered user is accountable for the confidentiality of their own password. If a user’s password becomes compromised, it is the user’s responsibility to change their password. Users are wholly accountable for unauthorized obtainment of information, goods and services that may occur if their password is compromised. Passwords are subject to periodic audits, to determine their “strength.” Users may be advised that their password is “weak,” and that a “stronger” password should be chosen. This advisement, regrading the strength or weakness of a password, does not depreciate a user’s accountability for maintaining the confidentiality of their password.

    July 20, 2014 at 11:02 pm #64487
    sophie1
    Member

    Sounds good to me! thanks.

    July 20, 2014 at 11:58 pm #64488
    admin
    Keymaster

    If you wanted to install SSL certificate on your site and make the member login page more secure (by using HTTPS URL), you are free to do that. The plugin will work fine with SSL certificate.

    The setup you have now is perfectly fine in my opinion (you can install SSL certificate later when your site grows).

    July 21, 2014 at 2:45 am #64489
    sophie1
    Member

    thanks again. by the way, i just enabled the cookie/brute force attack feature and i didnt get locked out, so I guess that’s working. But just wanted to mention that the link to the tutorial video wouldn’t work for me. I appreciate all the help.

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Registration
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2025 | Tips and Tricks HQ