Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
If you mean are the user ID and passwords transmitted in the clear (not encrypted) then yes that is correct.
The password is stored in the database but the communication is transmitted in the clear unless you are using HTTPS.
Hello again,
I am still searching for the answer. I have found a plugin to help avoid a Brute Force Attack but nothing about encryption. What I am concerned with is someone listening when I sign into my control panel and henceforth stealing my username and password. This is why SSL Certificates are used to secure financial transactions and sensitive information like user names and passwords. Since bad people are listening and waiting for opportunities. I am not going to use my website for financial transaction. I have been hosting my website at my home on a server that I built. I created a self-signed certificate. I am going to move my site to Media Temple. When I do I will lose the use of my home made ssl cert. I thank you very much for reading this. I am sorry for being so paranoid. I am trying to make an educated decision.
Best regards,
Jan,
Thank you very much for replying. I was afraid that the password was in the clear. I will use ssl in that case!
Thanks again!
mroussin51
