Posts Tagged ‘security’

Howto workaround not secured password field alert from Google Chrome 56

Since Google Chrome build 56, password fields will trigger a warning if the page in not secured (read: HTTPS).

If your are a webmaster, you may even have received this kind of alert message from Google like this one :

Unsecure password collection will trigger warning display in Chrome 56 for “your site”

The password field is a specific HTML field type, that will automatically mask the typed in characters, like the one below (yellow background) :

password field hides typed characters

password field hides typed characters

To avoid this warning, the best option is of course to move that page to HTTPS. However, if you cannot migrate the page to HTTPS yet because it is too expensive, or requires too much code changes, or you simply don’t want to implement HTTPS because it’s not worth the effort (nothing important behind this password field), here are 2 tricks to avoid the chrome 56 password warning message.

Avoiding the Chrome 56 password warning Read the rest of this entry »

Social Engineering strikes back

digitally destroyed

In a very detailed article, Mat Honan, a Wired.com journalist, explains how he’s digital life exploded in 15 minutes.

As he explains:

I realized something was wrong at about 5 p.m. on Friday. I was playing with my daughter when my iPhone suddenly powered down. I was expecting a call, so I went to plug it back in. Read the rest of this entry »

Is Worpdress 2.8.6 upgrade required ?

Wordpress Logo

Each time there is a new release, you’re invited to upgrade your wordpress setup.

In a perfect world, everyone is doing so. But in our (crazy) world, you may want to defer the upgrade. And regarding wordpress version 2.8.6, you would be right. Provided you’re not concerned by this security warning:

2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.  If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

In other words, if only you (or trusted users) have posting privileges, you may just wait for next wordpress release :-)