What is the deal with not using HTTPS?

September 6, 2007

If you are running an enterprise application that authenticates a user for any reason, YOU NEED TO USE HTTPS! I’ve been irked lately by the large number of companies that have customers (or users) log into their accounts where things of great security are kept (social security numbers, credit card numbers, etc.), but send everything you would need to get to them over cleartext.
Read the rest of this entry »