Drupal’s administration login area is not secure by default. Usually there is an option in the configuration area of content management systems to set a secure area for logins, otherwise your username and password are sent in plain text over the internet.

Luckily, there is a module which enforces secure login on a Drupal install.

Drupal Module: Securepages

Although it is still in development, the 6.x-1.x-dev version worked great with my Drupal 6.4 installation.


Subscribe to comments via RSS 2.0 feed.
This post has no comments. Add your own.