Could you please enable SSL encryption on the login page so the passwords are encrypted? I'm too lazy to change my password every time I access this forum through via open WIFI.

thank you.

+1

There really isn't any reason anymore to not run the whole thing via SSL, not just the login pages. Slap an accelerator card into the server and the penalty on the server becomes negligible.
Yeah, VPN on open networks, blah blah, I'm too lazy for that, too.

I don't think PHPBB supports this.

I don't think PHPBB supports this.

Look under 'Cookie Secure.'
http://www.phpbb.com/support/documentat ... er_cookies

And Server Protocol…
http://www.phpbb.com/support/documentat ... r_settings

this would result in all forum running on https all the time, it would be a massive performance impact.

I don't think PHPBB supports this.

You can use http rewrite to send only logins to https server:

http://www.phpbb.com/community/viewtopi ... 5&start=15

I also have been wanting this for awhile now too. SSL is the way to go for login/password forms at least.

Think about it. If you are using open wifi without a vpn back to somewhere safe then your just asking for trouble. The MT forums have little to do with security at that point Having SSL would be nice of course.

All shared hosting sites prohibit proxies and vpns/ssh tunnels (except a few that are running thor and are using your traffic as a smoke screen) . Collocated servers, vps or even ec2 are pretty expensive.

That said I don't think VPN would be a substitute for https - especially now that ISPs are very much into data mining.