View Full Version : non-encrypted web forms
10-02-2004, 07:35 AM
Just wondering how others feel about providing personal information through non-encrypted web pages. Obviously, you wouldn't enter a credit card on a non-encrypted page, but what about other personal information such as name, address, and other personal data?
I was about to sign up for a web hosting service that has a multi-page sign up process. None of the pages is SSL-encrypted except the last one, for credit card details. Name, address, telephone number, etc. are not transmitted securely. Seems to me that info should be protected as well.
Is this common?
10-02-2004, 07:49 AM
I have rarely seen encrypted or otherwise secured simple sign-up and email forms.
For transactions involving credit cards or other forms of payment it is common and expected.
For anything else it is not actually. Besides it is hard and expensive to get a secure site certificate which allows you to use the https protocol for your web pages. Many web hosting services do not even offer this facility. On the other hand, third party shopping baskets and payment processing sites (like PayPal and banks) offer this service automatically.
10-02-2004, 10:41 AM
most of the time those forms goes directly to an e-mail address, however, the important issue here is the website credibility factor:
Look at the site and ask, "'I'm going to give you my money -- what are you going to give me?'" Are you going to give me the product? If it doesn't work can I get it returned? Are you going to spam me forever? Are you going to sell my name to all kinds of **** sites?
Find a concise, clear statement on the site: We will never give out your e-mail address for any reason.
10-02-2004, 02:44 PM
Chrisooc and Proteus, thanks for your helpful replies. I'm fairly new at online "shopping" and just being cautious here...
I just registered a domain name on godaddy.com and the entire process was secure, so I was surprised when I then went to sign up for a separate web host to find it was not. When I e-mailed the company they said only the last page (for credit card details) had SSL encryption.
After reading your replies, I understand this is common practice. The hosting company is otherwise reputable (from what I've read). My concern was about the information somehow being "intercepted" by a third party.
Thanks for weighing in.
10-02-2004, 10:51 PM
What I don't care for is the page where you enter your username and password -- and that page is not secure. What's the point of that? Of course once you log in, you're in a secure area.
However, I have found if you enter bogus data then click the button, you get a second chance from a secure page -- so that would be when I enter the real data.
Does not help you in this case, just a minor rant on my part.
vBulletin® v3.8.5, Copyright ©2000-2013, Jelsoft Enterprises Ltd.