Flavorable wrote:Tusillody wrote:williewest wrote:orangeandblack5 wrote:Now would be a great time to switch to https for the forums too, no? Unless I'm seeing things my browser keeps flashing "WEBSITE NOT SECURE" at me in bright red every time I try to log in lol
I can help with this. From what I've just tested, going into your bookmarks and editing the BMG ones to contain https:// at the beginning, and also adding it to the url of the page you're currently on in the url bar does seem to make it default to https instead of http.
Alternatively, if your browser does
not do this as a function or it reverts back to http, there's a handy extension for Chrome, Firefox and Opera called Redirector by Einar Egilsson that can be used to make sure it redirects to https every time a BMG site is entered.
Edit: Better alternative- "HTTPS everywhere" (Thank kristian818 a couple posts down)
I have just logged into the town of salem website and was redirected here with an insecure link. We should not have to add the "s" to "https", these devs have left all of our data wide open for years. Now it's caught up to all of us.
"We're not a large company we are an indie company"
This excuse is bollocks. No excuse is good enough for all of the incompetence from this team. They will find the legal trouble they deserve, and soon.
I sincerely doubt there's any legal trouble over this. No one is ever obligated to use an https website.
I hope you are playing dumb, I do not mean they will find legal trouble over their https problem, but the data breach of almost 7 million accounts. No mass email to warn people, no way to request what info they store, they are in SERIOUS violation of GDPR and I'm excited to see what happens next.
Edit: Just saw TurdPile's comment on GDPR time limit being 72 hours. This breach happened on December 22nd according to DeHashed and December 28th according to HaveIBeenPwnd.. That's a little longer than 72 hours. If you (The devs) expect anyone to believe that you had no clue about the breach until today then you're dumber than you think we are.
Further edit: Data from this breach was being sold on December 10th. Good luck with the GDPR.