Skip to main content

hi,

I'm just a bit concerned about the seeming lack of security when logging in to the AS site.

as you're using your eBay login and password, it concerns me that no padlock appears in the status bar in IE when you're logging in (which would indicate that the submission of your details is secure)

I don't feel very safe about sending my eBay login details to an insecure site.

I feel this definitely should be fixed.

Edit: I just realised there's also a link to a 'secure sign-in' page (where the padlock does appear) - but why allow users to sign in insecurely at all? Why not remove the login/password boxes from the home page, and just provide the link to the secure sign-in page?
Original Post

Replies sorted oldest to newest

Some users browsers and computers don't work correctly with SSL. It's a small %, but still causes problems for some.

At the time we designed and built the site eBay's own servers did not offer secure login by default. It wasn't until early 2005 from what I can tell.

Since I don't anticipate us changing this in the near future here is the link to our secure sign in page for bookmarking:

https://www.auctionsniper.com/securelogin.aspx
Sniper Sara,

While your reply is helpful in letting us know why, it brings up even more questions.

- If the amount of users/browsers who can't use SSL is such a small percentile, then why support them and allow even more potential harm to be done with folks logging in non-securely? eBay login info is practically one of the top things that hackers, phishers, etc. are hunting for.

- I am a web developer and understand your concerns about the taxing of the servers if your entire site was secure. However, you aren't providing security where it is vitally needed. For instance, if I were needing to change my ebay login info under the 'Modify Account' area, that is completely non-secure! You are paying for the secure cert. Is it only being used through the inconspicuous 'secure login' link on the main page?

Been using Auction Sniper for a couple of years now and have referred a few as well. But I am now highly concerned with the choice of non-secure as default throughout the site. It seems to hurt your credibility.

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×