InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Question about logging in to sites

https://forums.informaction.com/viewtopic.php?t=3507

Page 1 of 1

Question about logging in to sites

Posted: Sat Jan 02, 2010 11:31 pm
by new2010
I've always wondered about logging into sites, if it can affect the sites security if NoScript is enabled.

For example, if I'm logging into a site with a username and password and NoScript is blocking stuff, is it possible that the sites security features are compromised (blocked) therefore compromising my user id and password?

Another similar question... if I want to be added to a sites email list and when I sign up to be on the list and no NoScript is blocking stuff, could my information I'm submitting be compromised? Or really on any form being filled out for that matter.

Thank you.

Re: Question about logging in to sites

Posted: Sat Jan 02, 2010 11:43 pm
by Giorgio Maone
The main thing you must watch for when entering data on a website you trust, is that the address starts with "https://": this is the most important seal of confidentiality for your data.
This given, having NoScript enabled can only increase your security, because it prevents XSS attacks from working around the confidentiality provided by SSL (https) and eavesdropping your credentials.

Re: Question about logging in to sites

Posted: Thu Jan 07, 2010 4:09 pm
by new2010
Thank you very much for your response.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited