Re: Blog for rpmfusion.org
Till Maas wrote:
Everyone who logins in here for testing will send the used FAS
username and
password unencrypted through the internet.
Regards,
Till
My bad. Fixed to route all wp-login.php and wp-admin traffic over SSL.
I'm also going to speak with the FAS developers about whether they could
introduce an API key for each user that we would use to authenticate in
third-party systems such as this. That way even if an API key is
compromised it can't be used to compromise FAS itself.
Thanks
Chris