Quote:
Originally Posted by Berenburger
Why?
|
It increases the risk of accounts being hacked, with all the possible consequences that may have (impersonation, deletion, stealing personal info from the profile).
Furthermore, browsers and plugins are and will more and more complain (my password manager does, for example). Regardless of whether you feel this is right or not, it is bothersome and implementing https is a straightforward fix.
Quote:
Originally Posted by Berenburger
Asked before. Search on ‘https’ in this forum.
|
I did, it seems the administrator did not respond then.
Also, I saw people argue that because they didn't see this as a risky situation, it shouldn't be done, even if other users did consider the risk high enough to make it worth implementing https.
Furthermore, I saw people claim there would be connection problems. I don't see which, but in any case, plain http connections could in principle be still allowed as well.
Finally, any concerns about cost is now moot with Letsencrypt (I found it surprisingly easy to do for my sites, and I'm an amateur).
The only reason not to do it is if the administrator can't.