Jan. 24th, 2017

verushka70: Kowalski puts his hands to his head (Default)
I found out from this post that LJ has removed the secure https login, leaving only the insecure http login

So all LJ passwords have likely been or will be harvested for hacking.

GOD DAMN IT TO HELL.

I'm off to DW. My LJ updates will be READ ONLY x-posts from DW. Do not comment here any longer, please -- you won't get a reply!

ETA: As I understand it from LJ's own OpenID login FAQ, one can use OpenID on LJ because using an OpenID login/password completely bypasses. The relevent section says:

Identity accounts use a trust relationship between LiveJournal and the identity service to allow you to comment on LiveJournal using an identity others will recognize without having to create a standard LiveJournal account. LiveJournal does not gain access to your password for the identity service and the identity service does not gain access to your LiveJournal password if you have one.

So, for those comms that don't have a backup/sister comm on DW, I'm going to use my OpenID login to LJ.

If your OpenID is through LiveJournal, your password goes through Livejournal -- through the less secure http standard, which is easy to hack for password theft.

If your OpenID is through another OpenID identity service -- such as Google/Gmail -- your password does not go through Livejournal, it goes to your OpenID identity service, which should use https (Google/Gmail does).


I hope that clarifies somewhat... I know it is confusing!

This also means I have to use Gmail Circles, which I kind of loathe (and don't use). But whatever... at least it's more secure.

Profile

verushka70: Kowalski puts his hands to his head (Default)
verushka70

Most Popular Tags

June 2025

S M T W T F S
1234567
89 10 11 121314
15161718192021
22232425262728
2930     

Style Credit

Expand Cut Tags

No cut tags
Page generated Jun. 15th, 2025 06:54 am
Powered by Dreamwidth Studios