When it comes to thousands and thousands of users trying to find a special someone through one of many largest free online dating services, the love fest can be arriving at a conclusion. OkCupid is placing users’ privacy at risk by failing woefully to support secure use of its whole site through HTTPS. Every email that is okCupid talk session, search, clicked link, web page viewed, and username is sent on the internet in unencrypted plaintext, where it may be intercepted and look over by anybody in the system.
Screen shot from OkCupid Help Forum. While passwords after inital signup aren’t sent within the clear, there are various other serious protection problems with OkCupid.com.
“HTTPS” is standard web encryption that ensures information sent and received on the internet is encrypted in the place of as plaintext. OkCupid will not enable HTTPS across the website, meaning while OkCupid does not leak passwords entered log that is during over plaintext, it can leak plenty of other painful and sensitive data. OkCupid’s failure to offer HTTPS support possibly exposes:
- Email content from within OkCupid
- Content of online chats on OkCupid
- Queries conducted on the internet site
- Every page that is unique, and so all profiles looked over
- Content of “hidden” questions–questions a person reacts to so that you can enhance match outcomes then again marks as “private” so others cannot see his / her response
Failing woefully to offer HTTPS is especially unfortunate because OkCupid offers many different privacy-enhancing means of restricting who are able to access your profile.…