Does anyone know a good explainer text why hybrid HTTP/HTTPS solutions (aka "only login encrypted") are always insecure?
-
-
there are all kinds of variants, and they're all bad
-
e.g. if you have a https login page, but people get to the login page from the http start page, that doesn't help either.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.