    I just tried to reset my password today. While the rest of the authentication stuff works over HTTPS, reset password, strangely enough, defaults to HTTP.
    I suggest the link that you send in emails be converted to HTTPS.

    • tburny said...
    • Forum Moderator
    • 9 May 2012, 22:28
    Good point!
    I would take things even a bit further and offer a full HTTPS version of (not only the auth pages) to prevent cookie theft in wireless networks (home, cafe, wifi hotspot, there are many places from where you can browse :) )
    Combine your favourite radio stations! | My Blog | scala-lastfmapi | Cache2k - A high performance Java in-memory cache
    P.S.: Do not click here
    throw new PokemonException(); //Gotta catch 'em all
    My forum post reflects my personal opinion :)
    • rfruth11 said...
    • User
    • 13 May 2012, 15:53

    • willfrei said...
    • User
    • 8 Jun 2012, 10:50


    Could you please do something about this? Especially in the current situation (lost password hashes, urging users to change passwords), this practically blocks users from doing the right thing (tm). I for one consider any password that has been transferred over a non-encrypted channel as not safe (and you should, too!).

    Additionally, at least for German users, the HTTPS certificates do not match (they are only issued for, where the password change page is on Could you please at least comment on whether you are working on this problem? Or if there are any workarounds? I would really like to change my password, but under the current circumstances, I am just not able to do it in a safe way. Changing a potentially compromised password to a new one that is immediately potentially compromised as well amounts to nothing.

    Thank you and keep up the good work!

    • [Deleted user] said...
    • User
    • 8 Jun 2012, 11:21
