HTTPS
Grab our Forum Feed

+ Reply to Thread
Results 1 to 9 of 9

Thread: HTTPS

  1. #1
    Join Date
    Oct 2016
    Location
    Okay then. Minnesota.
    Posts
    48

    Thumbs up HTTPS

    please implement SSL or HTTPS.
    because passwords, user credentials are stored in plaintext

    its 2016, going on 2017.

    IBM's SoftLayer Technologies has certificates for their hosting, why are you not using them???
    ---
    2012 Chevrolet Volt Premium @ 105 MPG Average @ -25F Windchill. living the 120v life!
    ---
    Driver: You Are the Wheelman

  2. #2
    Join Date
    Apr 2013
    Location
    SF bay Area
    Posts
    588

    Default

    And Soon all no https website will be reported as unsafe ...
    https://webdesignledger.com/google-h...bsites-unsafe/

    If you cant afford your own certificate, services like Cloudflare can provide https at no cost.

  3. #3
    Join Date
    Sep 2016
    Location
    Chicago
    Posts
    49

    Default

    Yes, please.

  4. Remove Advertisements
    GM-Volt.com
    Advertisements

  5. Advertisement

  6. #4
    Join Date
    Feb 2011
    Posts
    325

    Default

    passwords are not stored plain text, they're md5 encrypted with unique double salts but we are working on updating to SSL

    Kyle

  7. #5
    Join Date
    Oct 2016
    Location
    Okay then. Minnesota.
    Posts
    48

    Default

    Cool! Thanks
    ---
    2012 Chevrolet Volt Premium @ 105 MPG Average @ -25F Windchill. living the 120v life!
    ---
    Driver: You Are the Wheelman

  8. #6
    Join Date
    Oct 2016
    Location
    Okay then. Minnesota.
    Posts
    48

    Default

    ---
    2012 Chevrolet Volt Premium @ 105 MPG Average @ -25F Windchill. living the 120v life!
    ---
    Driver: You Are the Wheelman

  9. #7
    Join Date
    Oct 2015
    Location
    Milwaukee, WI
    Posts
    1,583

    Default

    THe second URL isn't really very applicable, and the first describes a process of getting a certificate signed by a Certificate Authority that was bought by another CA that is known to sign bogus certificates and consequently *both* of the CAs are no longer trusted by Chrome, Mozilla, or Safari.

    Basically, the only "help" that's needed for this, I'm sure, is someone to come up with five hundred dollars a year to get a certificate from a good CA. That's just how much money it costs to be trustworthy these days.
    2012 Standard w/ Navigation

  10. #8
    Join Date
    Oct 2016
    Location
    ATL
    Posts
    21

    Exclamation

    Quote Originally Posted by admin View Post
    passwords are not stored plain text, they're md5 encrypted with unique double salts but we are working on updating to SSL

    Kyle
    But none of that matters when the password is sent over the internet in plaintext.

    I would highly suggest that all users have a unique password for gm-volt that they don't use anywhere else.

    Let's Encrypt is one option (with pros and cons) for getting HTTPS. Pro: Free, Con: Not trusted by IE(?)

  11. #9
    Join Date
    Jul 2011
    Location
    San Antonio, Texas
    Posts
    1,746

    Default

    Quote Originally Posted by driver779 View Post
    please implement SSL or HTTPS.
    because passwords, user credentials are stored in plaintext

    its 2016, going on 2017.

    IBM's SoftLayer Technologies has certificates for their hosting, why are you not using them???
    You are so right.

+ Reply to Thread

Quick Reply Quick Reply

  • Decrease Size
    Increase Size
  • Remove Text Formatting
  • Insert LinkInsert ImageInsert Video
  • Wrap [QUOTE] tags around selected text

Similar Threads

  1. Warranty staus change issue over at https://my.chevrolet.com
    By somms in forum Care, Maintenance & Service - Chevy Volt
    Replies: 4
    Last Post: 04-27-2016, 02:08 PM

Bookmarks

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts