Your TMA Officers and Board of Directors
Support the TMA! ~ Traditional Muzzleloaders ~ The TMA is here for YOU!
*** JOIN in on the TMA 2024 POSTAL MATCH *** it's FREE for ALL !

For TMA related products, please check out the new TMA Store !

The Flintlock Paper

*** Folk Firearms Collective Videos ***



Author Topic: Insecure log-in?  (Read 5660 times)

Offline amm1851

  • TMA Forum Member
  • ***
  • Posts: 372
  • Location: WA
Insecure log-in?
« on: March 16, 2017, 04:54:06 PM »
I just updated my Mozilla Firefox browser (had no choice), and when I tried to log in here I got a pop-up message telling me that the log-in to the site is insecure and my password could be vulnerable. It recommended contacting an administrator, so that is what I am doing. Help?  :?
Life member, National Rifle Association
Molon labe

Spotted Bull

  • Guest
Re: Insecure log-in?
« Reply #1 on: March 16, 2017, 05:36:18 PM »
I use Firefox daily. Your password isnt very vulnerable. Is there a way to bypass that message and go on to the site?

Offline Uncle Russ

  • TMA Contributing Member
  • ***
  • Posts: 7342
  • TMA Founder. Walk softly & carry a big Smoothbore!
  • TMA Member: Founder / Charter Member #004
  • Location: Columbia Basin, Washington State
Re: Insecure log-in?
« Reply #2 on: March 16, 2017, 06:27:45 PM »
FWIW; I recall a similar message from Firefox months ago...I soon figured out it wouldn't go away as long as I used that Bookmark, so I deleted the Bookmark, did a fresh search for TMA, logged in at that time and created a new Bookmark.

Since that time I have received that same message on a couple other websites I visit pretty regularly, but I have not done anything about it.

I, personally, don't think any website is totally secure, and that is the reason for passwords IMO. And, I don't know why Firefox does that with "some" websites and not others.

I'm pretty sure our Admin will see this and respond accordingly and he is well qualified person to be doing so.

Uncle Russ...
It's the many things we don't do that totally sets us apart.
TMA Co-Founder / Charter Member# 4

Offline amm1851

  • TMA Forum Member
  • ***
  • Posts: 372
  • Location: WA
Re: Insecure log-in?
« Reply #3 on: March 16, 2017, 06:30:32 PM »
Sounds good.  Computer stuff usually has me bumfoozled!
Life member, National Rifle Association
Molon labe

Offline greyhunter

  • TMA Forum Member
  • ***
  • Posts: 1491
  • TMA Member: Membership #291, Expires 2/11/2019
Re: Insecure log-in?
« Reply #4 on: March 16, 2017, 10:31:37 PM »
I see that right after I sign out from the site, but always click on another web site so not too concerned with the temporary, insecure warning. Would be interesting to see if our webmaster can solve this.
Pa. TMA State Representative.[/color]
Member#291  2/11/19

Offline RobD

  • TMA Admin
  • ****
  • Posts: 3595
  • TMA President & Contributing Member
  • Location: NJ
Re: Insecure log-in?
« Reply #5 on: March 17, 2017, 06:55:03 AM »
why in the world firefox thought it prudent to put up that scary message about "insecure" and then add in the the little key images is beyond my comprehension ... other than perhaps it gives them (1) something to do, and (2) offer "new and improved functionality" that none of us need, and (3) are prepping all of us to BUY some third party product to "help" us with our computer security.

or, oh yes - this must be it ... to "protect" their butts from litigation.

basically, what they're saying with that login message is that the domain/server you are attempting to access is "insecure".  it means that the URL address of that domain begins with "http" and not "https" - the "s" is for a secure server.  if it's your website/domain/server, you pay more for the use of a secure server, which may not be as "secure" as you would expect.

our TMA server is not "secure".  our web address is "http://www.tradmla.org".  we have nothing to be "secure" about, nor are we looking to hack users machines.  but firefox wants you, the TMA forum user, to be aware that we (the TMA forum) is .... "insecure".  big woo.

here's the deal.  all wifi (WAN) computers are at some form of invasion/hacking risk.  if you plug directly into your cable router box (LAN) the risk diminishes greatly.  in the long run, it all depends on how much of your personal/financial info you store on your machine - and those that store any sensitive data that's not encrypted are at the greatest risk (actually, that's just foolish, don't do that!).

and it depends on how much sensitive data you want to send out across the internet.  sites that sell stuff and take your CREDIT CARD data should be trusted and secure.  freely giving out credit card info puts you, the buyer, at risk.  but this is a plastic society that now depends on credit card use for the very most part.  you do take a risk/gamble any time you use a credit card online - or hand it over to that teenager at the super market ... think about that, too.  it's a fraud/scammer/hacker jungle out there!  i have at least one credit card compromised in a six month period.  last year i had 3 cards compromised.  the credit card companies spend a fortune on this and yet they still make far more than a fortune in revenues.

i have 6 machines.  4 run the best computer operating system money can buy (but you can't buy it 'cause it's FREE), linux mint.  1 runs a dual boot of win7 and win10, 1 is a chromebook on win10.  firefox has been the best browser for me, and my machines use firefox as their default browser (though i can select and load other brand browsers with all machines).  

HOWEVER, there is a way to disable that annoying firefox "insecure" message ...

Here’s how to disable Firefox insecure password warnings:

Open a new tab, paste about:config into the address bar and hit enter.
   
If you see the “This Might Void Your Warranty” page, click the blue “I accept the risk!” button. Understand we are manually modifying Firefox’s default settings.

In the Search box at the top, paste insecure_field_warning.contextual.enabled

Double click the setting to change it to “false”, to disable Firefox’s insecure password warning.

Done! Now when you visit pages with HTTP login forms, the warning will no longer appear.


This part is totally Optional ---- IF you also want to restore autofill functionality, so that your saved login/password automatically populates in an HTTP form, keep the configuration page open and follow the next step.

In the Search Box on the about:config page, paste signon.autofillForms.http

Double click the setting to change it to “true,” this will enable autofill.

Offline amm1851

  • TMA Forum Member
  • ***
  • Posts: 372
  • Location: WA
Re: Insecure log-in?
« Reply #6 on: March 17, 2017, 10:32:03 AM »
Thanks Rob.  I understood very little of what you wrote (see "bumfoozled " comment above ), but it sounds like I have nothing to worry about.  :)
Life member, National Rifle Association
Molon labe

Offline Fletcher

  • TMA Forum Member
  • ***
  • Posts: 1511
    • http://www.glaciertraditionalarchery.com
Re: Insecure log-in?
« Reply #7 on: March 17, 2017, 10:40:12 AM »
I am using Google Chrome and as I said a few days ago every time I want to do an action on TMA I get a message box that makes me login all over again - every time !!!

The message box says this:
"In order to login you must be registered. Registering takes only a few moments but gives you increased capabilities. The board administrator may also grant additional permissions to registered users. Before you register please ensure you are familiar with our terms of use and related policies. Please ensure you read any forum rules as you navigate around the board."

I cannot seem to do anything about it - I even tried to register - but the system says I already am.
This has become more than annoying or frustrating.  Can someone tell me how to fix this?  Do I have to have you completely remove me then try to register again as a new user?  I want to use my same TMA name.  Or do I just quit trying and stop looking in here for awhile ?
Fletcher the Arrow Maker
Montana TMA State Representative
TMA Charter Member #143 exp 11/4/18
NRA Training Counselor
BSA National Camp School Director -
Shooting Sports
NRA Life Member
Flathead Valley Muzzleloaders

Offline RobD

  • TMA Admin
  • ****
  • Posts: 3595
  • TMA President & Contributing Member
  • Location: NJ
Re: Insecure log-in?
« Reply #8 on: March 17, 2017, 11:29:26 AM »
chromebooks - the worst "computer" cr@p perpetrated on the public ever by any company.

my wife has one of these abominations, i'll check it out and see if i can suss out yer problem, fletch.

Offline RobD

  • TMA Admin
  • ****
  • Posts: 3595
  • TMA President & Contributing Member
  • Location: NJ
Re: Insecure log-in?
« Reply #9 on: March 18, 2017, 06:19:07 AM »
Quote from: Fletcher
I am using Google Chrome and as I said a few days ago every time I want to do an action on TMA I get a message box that makes me login all over again - every time !!!

The message box says this:
"In order to login you must be registered. Registering takes only a few moments but gives you increased capabilities. The board administrator may also grant additional permissions to registered users. Before you register please ensure you are familiar with our terms of use and related policies. Please ensure you read any forum rules as you navigate around the board."

I cannot seem to do anything about it - I even tried to register - but the system says I already am.
This has become more than annoying or frustrating.  Can someone tell me how to fix this?  Do I have to have you completely remove me then try to register again as a new user?  I want to use my same TMA name.  Or do I just quit trying and stop looking in here for awhile ?

the TMA forum control panel allows me to reenter the board as a virtual "you".  in doing so on a chromebook, using the supplied chrome browser, i had no problem navigating the TMA forum and posting "as you".

so, i suspect the issues yer having is with your chrome book browser.  open the browser and enter its preferences control panel (click on the 3 vertical dots in the upper right hand corner of the screen), then click on "settings", at the bottom of that window/page click on "Show advanced settings ..." - down at the bottom of that page are two buttons: "Powerwash" and "Reset settings". 

it may be that one or more of the chrome browser "switches" needs "correcting", so clicking on "Reset settings" may do the trick for ya.  give it a try. 

if that doesn't work, clicking the "Powerwash" button will remove all your account data and force you to log back in from scratch - perhaps a lotta work for you with other website access, but it might be the fix ya need.  dunno for sure, but i can't see anything else specific to the problem yer having.

good luck!  ":*: