1. Home

Coffee Appreciation

You are reading a single comment by @Stevethecoffee and its replies. Click here to read the full conversation.

  • Ordered a couple of bags of the Gaslight for the office, thanks Steve.

    One thing though... the password being sent via email when you set up an account. Tut tut.

    1. You shouldn't have the password, it should be hashed and impossible to be reversed back to plain text.
    2. Even if you have plain text or a reversible encryption... you should never ever send the password via plain text.

    Whilst we're here... most of your site is not SSL, actually is any of it? You should get your site behind SSL ASAP. If you sign up for the company I work for SSL is free https://www.cloudflare.com/ but it takes a couple of days for SSL to be activated.

    Not only would that protect your customers and their details, but Google considers SSL to be such a good thing that they increase your search engine placement if you have SSL. It's considered a positive signal by them.

    But aside from non-SSL worries, I look forward to the coffee :)

  • Cheers for that Velocio, I'll pass all that on to the website guy. Hope you enjoy the coffee :) Good job you gave me the heads-up, I managed to get it dispatched tonight.

  • Happy to give the web guy some pointers.

    Some of this will be very easy to fix, some more difficult.

    The instantly easy:

    1. Remove the password from the email template
    2. Sign up for CloudFlare and you'll get free-SSL (but doesn't work for IE6 users)
About

Avatar for Stevethecoffee @Stevethecoffee started

About Terms of Use Privacy Policy Cookie Policy Report a problem