I would be uncomfortable if you are logging in on open/unsecured wifi. If you're home on your secured and encrypted wifi, I think the threat and resultant risk are very low. If you ever get that on your banking website, I'd be outrageously concerned.

In fact, as a PSA for Cyber Security Month (which it is), I'll add, please get 2 factor authentication turned on for all of your financial web resources.

quote:

Originally posted by r0gue:
If you ever get that on your banking website, I'd be outrageously concerned.

If you ever get that on your banking, any other financial, on-line store, in short: Any site with which you'll exchange sensitive information: DO NOT CONTINUE. Period!

That is why one should never disable that check. It's there for a reason.

quote:

Originally posted by ensigmatic:

quote:

Originally posted by r0gue:
If you ever get that on your banking website, I'd be outrageously concerned.

If you ever get that on your banking, any other financial, on-line store, in short: Any site with which you'll exchange sensitive information: DO NOT CONTINUE. Period!

That is why one should never disable that check. It's there for a reason.

Agreed 101%. That's is an excellent clarification.

Read rackrack's post here, and mine that follows:

https://sigforum.com/eve/forums...780064134#6780064134

There is absolutely no point in posting in this forum about how clever you are to detect a problem on some other website, explicitly spelling out virus names and the like. Keep that shit out of here. This is the result of such nonsense.

No posts about any scam emails you receive, or any websites you go to wherein you detected an issue. Keep it out of here. As soon as I see any such thing, it's going to be deleted.

Do not under any circumstances post the text of any email you receive that's clearly a scam. Do not without permission from forum management put the word "SCAM" in the subject line of your thread or mention any virus names.

Good grief, just leave us out of it. We're here just minding our own business. Do not involve us in any such things. The thread I deleted was talking about a threat on some other website, and it mentioned virus file names and why the person who started the thread felt the need to post it here, I have no idea. Leave us out of it, completely.

Never again do I want to see such things here.

The result of all of this? Normally at this time on a Sunday morning, there would be more members and guests online. I can only assume that some people are now avoiding the forum due to this Goddamned nonsense which has nothing to do with us.

That makes sense.

Essentially someone triggered a false positive by copy/pasting something that made Norton blow a gasket.

I got the same warning here, the S&W forum, the Ruger forum, and a couple of other gun forums. I'm not sure if I got it on the Glock forum but if you check "remember my password, it won't come up again.

The warning first came up on this forum after I used CCleaner to clean up some files. I know that this site did not become unsafe overnight so I don't worry about it.

quote:

Originally posted by parabellum:
How can I disable Insecure password warning in Firefox?

Please don't do this; that's not a per-site disabling, it will disable that for ALL sites. I think you'd want to be warned if your banking site suddenly turned HTTPS off for password permission.

I work in cybersecurity. I know that this site doesn't use HTTPS to secure logins or browsing, and really wish it would. But that's the admin decision and ce la vie.

That said, (and this isn't a dig at this site in particular at all): Don't use the same password here and anywhere else. In fact, never reuse passwords between sites, ever. Finding people who reuse passwords is a top hacker technique. There are tons of leaked passwords available for sale on the darkweb; perhaps you heard about Yahoo recently. If you used the same password on yahoo as you did on Google or your bank, then neither of those are safe.*

Figure out a password management scheme:
- You can trust an online service like LastPass.
- You can trust a standalone program like Keepass, and figure out a syncing solution (this is my preference)
- You can (yes, i'm being 100% serious) write down all your passwords on a piece of paper and leave it at home. Unless someone breaks into your house, your list is safe from any hackers.


* password hashing and salting makes this not 100% straight forward in all cases, just picking an 'in the news' example.

When it started doing it for me yesterday it said there was one computer threat. Now it says seven threats.

It's really frigging annoying popping up every time I open a new page.