Opened 6 years ago

Closed 6 years ago

#1716 closed task (fixed)

Password change not SSL encrypted

Reported by: jsfan Owned by: jsfan
Priority: critical Milestone: 1.7
Component: BW General Keywords:
Cc:

Description (last modified by planetcruiser)

Currently the log in to BW is SSL-encrypted. However, the same doesn't apply to a password change via the preferences page. This doesn't make sense and should be rectified.

There is also the question if we could go all SSL. If you do it right, it shouldn't be too resource intensive (cf. http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html).

Related tickets:

Change History (10)

comment:1 Changed 6 years ago by planetcruiser

  • Description modified (diff)

comment:2 Changed 6 years ago by TimLoal

  • Priority changed from minor to blocker

comment:3 Changed 6 years ago by globetrotter_tt

  • Priority changed from blocker to critical

This is not a bocker. Password change still works.

comment:4 Changed 6 years ago by TimLoal

I agree. Maybe the words used for the priority states are badly chosen. Priority is priority. There is a field of severity, in the trac documentation, which these words would be better suited to, but it seems to be disabled in our implementation.

Trac is far from perfect and maybe even not fit for purpose, to be clinical about an assessment. It will do though, for the moment, until we have time to look at production processes and tools, like this.

Whilst it is being used and not even fully, 'severity', we need to make it as useful as possible. In many issue tracking/resolving systems, it is common to over emphasise the categorisation of some issues, to draw focus and attention to them. This was my intention, of marking this to blocker, not so much to suggest that it was blocking the use of the site. Until we have a better system generally, I am in favour of picking targets in this way. If we can clear most of the critical tickets, we can use critical for this and not need to go, all the way, to blocker to highlight, issues.

Again this i feel is low hanging fruit that can be easily resolved and improve the professional impression of our work on this site.

LnP

comment:5 Changed 6 years ago by jsfan

  • Milestone Future deleted

Milestone Future deleted

comment:6 Changed 6 years ago by jsfan

  • Milestone set to unassigned
  • Owner set to jsfan
  • Status changed from new to assigned

comment:7 Changed 6 years ago by dima42

  • Status changed from assigned to local_testing

this is partially fixed along with #1717/#1947; moving remaining issues here into #2012

comment:8 Changed 6 years ago by shevek

  • Milestone changed from unassigned to 1.7
  • Status changed from local_testing to to_alpha

comment:9 Changed 6 years ago by shevek

  • Status changed from to_alpha to testing

Deployed to alpha. Please test.

comment:10 Changed 6 years ago by shevek

  • Resolution set to fixed
  • Status changed from testing to closed

Works fine.

Note: See TracTickets for help on using tickets.