Tag Computer Security

Random Thoughts on Improving Internet Security

I've recently been looking at implementing some kind of security for logging in to websites over http. The usual, simple solution for this is to switch over to https, but the vast majority of the world's web servers are serving http, and this includes all kinds of services with logins and passwords that people don't really think too carefully about. How likely is it that some username/password combination a given person uses for an insecure website (e.g. a blog, forum, or whatever) is also used for a secure website somewhere else? Even if https is secure (which is open to doubt), it's undermined by the insecurity of http.