Add https to the forums


#1

Hopefully a simple request: switch the forums to use https aka SSL/TLS. That way I can use the site and not have to worry about getting my login stolen, malicious code injected along the way, or have an employer or wifi provider spying on me.


#2

Hey @GregS-

Thank you for the suggestion! I am not sure if that function is provided by our community platform provider, however I will look into it and see if that’s something that is possible.

Thanks for contributing to the community!

McKynzee :rachio:


#3

Bump. I just joined. Please put a TLS certificate in place on your web server(s) to support secure login. Our authentication credentials to the Rachio community are transmitted in the clear.


#4

Hey @Cybersavior-

We are looking to make some changes to the community in the near future, and this issue will be resolved :slight_smile:

McKynzee :rachio:


#5

When?


#6

@a0128958-

I can’t give solid dates but we are currently working on the transition. It involves some third parties so not entirely on our own timeline.

McKynzee :rachio:


#7

Good catch, @GregS!


#8

Yikes, I am bumping this too. People are likely going to use the same password as they used for the rach.io account in the forums system too. Not a best practice but a lot of people do that. In any case if their credentials are somehow grabbed, since they are sent in the clear over http as Greg mentioned, then a malicious person could do some pretty chaotic things with the affected system.

Thanks,
-Mark


#9

7 months later, bumping again.


#10

I think this is negligent on the part of Rachio. At least put up a warning that passwords are not private, so that for those that use the same password for many accounts (most people), they know to use something different for Rachio.

Best regards,

Bill


#11

Any update?


#12

@GregS

Done.

:cheers: