For those who care about SSL and related security measures, the new forum app brings the following changes:
(1) Login credentials are submitted via SSL on thinksteroids.com
As we all know, logging in to a vbulletin site usually means sending your password unencrypted over plain text HTTP. Not to mention all the information being shared in PMs is stored unencrypted on vbulletin. So, MESO-Rx happily says goodbye to vbulletin.
(2) Passwords are protected with SHA256 cryptographic hash function on thinksteroids.com
Vbulletin -- at least 3.x and 4.x -- uses the obsolete MD5 hash:
http://www.vbulletin.com/forum/foru...vbulletin-using-for-user-passwords-protection
http://forums.anandtech.com/showthread.php?t=2342487
These are only a couple of reasons why MESO-Rx no longer uses vbulletin.
(1) Login credentials are submitted via SSL on thinksteroids.com
As we all know, logging in to a vbulletin site usually means sending your password unencrypted over plain text HTTP. Not to mention all the information being shared in PMs is stored unencrypted on vbulletin. So, MESO-Rx happily says goodbye to vbulletin.
(2) Passwords are protected with SHA256 cryptographic hash function on thinksteroids.com
Vbulletin -- at least 3.x and 4.x -- uses the obsolete MD5 hash:
http://www.vbulletin.com/forum/foru...vbulletin-using-for-user-passwords-protection
http://forums.anandtech.com/showthread.php?t=2342487
These are only a couple of reasons why MESO-Rx no longer uses vbulletin.
Last edited:
