Thread: Redirect HTTPS to HTTP for this forum?
View Single Post
Old 11 Dec 2016, 04:54 AM   #7
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,458
Quote:
Originally Posted by unlocktheinbox View Post
Can't hurt.

The computationally expensive part of HTTPS is the initial negotiation. After that, it's cheap. And you want that to protect passwords anyway. It's impractical at best to attempt to securely request or submit passwords over HTTP.

Any counterarguments probably addressed here.
elvey is offline   Reply With Quote