- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: orbilogin.com not https
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
orbilogin.com not https
Why isn't orbilogin.com secured (https)? 1password notifies me that my password will be sent unencrypted. This does not make sense to have the admin website unsecured. Please explain.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: orbilogin.com not https
This is a local connection and can only be accessed by devices on the local network this does not go out to the internet.
DarrenM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: orbilogin.com not https
Local network or not, this should be required to go over HTTPS. Even more so now that Google Chrome is marking non-https sites as insecure. No network should be considered safe enough to send credentials over plain text. Ever. The fact that they support HTTPS when enabling remote access but omit it for local is just lazy. It tells us that the built-in server supports it but never added the option for local.
Netgear: when will this be enabled for local access? This is such a big oversight. Even the cheapest routers support it these days.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: orbilogin.com not https
Agreed this should be HTTPS - this is 2018. "It doesn't go out to the Internet" doesn't really matter. What if there is a security issue on the inside of the network?
Saying it doesn't go out is like saying it's OK for me to have a written list of passwords - as long as I keep it *under* the keyboard.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: orbilogin.com not https
@DarrenM, Yes, local networks have historically been considered secure, and they are commonly considered secure by many vendors, but one effect of the "IoT" revolution is that they must never (ever) be considered secure today. Home WiFi systems are notoriously vulnerable to the "drive by hacker in a van", and it's always been possible that some device you bought had been hacked, but now it far far worse. Some smart switches are hackable, so they can be returned to the store so the next owner's network can be exploited, but on a larger scale, if someone manages to hack into a smart switch vendor's site, then everyone who has one of those switches on their network becomes vulnerable.
Yes, there are ways to tighten security around each attack vector, but the local network should never be considered secure today.
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more