Search:

Welcome

Login to contribute. Register if you haven't yet.

Need Support?

Search this site to find an answer. If you still need help, post a Question. Private or account-related support inquiries can be made at the Private Support forum.

Bills Ssl Options Suggestion

(Suggestion moved here from Suggestions page. This was entered on 2/8/06 by Bill. 

Suggest you provide an additional SSL OPTION for General Site Settings that is a variant of the existing LOGIN ONLY.

Please consider a LOGIN SSL AT USER OPTION option in addition to the current options that: (i) would allow both a technically naive user, and also sophisticated user, to Login either non-secure or secure (SSL); and also (ii) presents a slightly modified-version of the current Login screen with an additional new and explict "Optional Secure Login (SSL-based)" menu choice.  Except for these fundamental changes, otherwise it would be similar in respects to the current LOGIN ONLY site setting.

The proposed LOGIN SSL AT USER OPTION would allow the user to decide, help them select an optional Secure (SSL) Login conncection, and also just restrict the SSL connection option to Login, rahter than permitting HTTPS at user-discretion on a site-wide basis.  For the technically challenged user, they don't need to know about, nor be able to effectively use their browser address bar, to insert the appropriate "https" or "http" prefix for the URL in order to choose between a secure or non-secure Login.

What I had in mind in addition to the above, was to also allow the more sophisticated user to also use their browser to select a secure or non-secure Login (as does the current LOGIN ONLY setting) via browser URL specification of either

          https://SITENAME.editme.com
          or
          http://SITENAME.editme.com

In the case of the proposed LOGIN SSL AT USER OPTION,
a modified version of the usual Login page would be presented with an additional choice in the lower-left hand corner menu as follows:

     Register
     Optional Secure Login  (SSL-based)
     Forgot your password?
     ---------------------------------
     Need Help?

If the user were to take the "Optional Secure Login (SSL-based)" link from this Login page, they would be navigated or redirected to a Secure Login page with a secure HTTPS (SSL) connection. To work elegantly, you may also want to consider in this case changing the "Optional Secure Login (SSL-based)" menu chocie on the Secure Login page to flip for an inverse navigation choice for "Non-secure HTTP-based Login connection" to assist the technically naive user to back track.

If the premise makes sense, I would also suggest then to embellish "Need Help?" help.editeme.com/Loggingin page for Login or Secure Login with additional appropriate selected info from the help.editme.com/SSL . I would suggest you keep such info specific to SSL login related stuff, and just provide a link to additional info on SSL site settings in this context.

Also FYI, checkout the SSL and Security help info at http://www.continental.com/help/securityinfo.asp and some other larger service-orented sites, you may get some ideas on how to approach and dumb-down the SSL help wording in a Login context for "regular" users.

A few other considerations would be to change the style and/or page title for the Secure Login page to have say a Red- background and the page title to read "Secure Login" instead of the regular "Login".  Maybe using the red-bar or the green-bar skin for the alternate "Secure Login" page in order to visually differentiate it.

Also would suggest, if possible, to permit a URL or valid site-page link for both:

     https://SITENAME.editme.com/_Login?redirect=Home
     or
     https://SITENAME.editme.com/_SSL_Login?redirect=Home