Accessing this forum

My bookmark works, as usual (in fact two bookmarks, depending on whether I want the forum home page or What's New?).

No problem here. Like frenchie I access via a bookmark. If using a mobile phone I easily find and logon via quick Google search for "Radio 3 Forum". On laptop I tend to use Firefox, while on a phone I usually browse using Chrome.

No unusual problems here, either - apart from how the internet in general seems often to have been going very slowly of late, with frequent seize-ups or mist-outs, particularly at certain times of the afternoon, or if I return after leaving it just ticking over for a few hours.

Thanks, everyone.
It must have been a glitch - as it works perfectly now!

... I know the feeling. I suspect it's the claret.


.

Au contraire: when I go out, it's to shake the leg, not the bottle!

Over the last couple of days when accessing the forum on my MacBook, iPhone or iPad via home wi-fi or 4G I've been getting a warning saying 'website not secure'.

Can anyone shed any light on this?

As browsers get updated to new versions this is one of the additional features that has been added. I use Firefox and this is part of the information they provide to go with the warning:

About insecure pages

Pages that need to transmit private information, such as credit cards, personal information and passwords, need to have a secure connection to help prevent attackers from stealing your information. (Tip: A secure connection will have "HTTPS" in the address bar, along with a green lock icon.)

Pages that don’t transmit any private information can have an unencrypted connection (HTTP). It is not advised to enter private information, such as passwords, on a web page that shows HTTP in the address bar. The information you enter can be stolen over this insecure connection.

The upshot of which is to stress the need to use unique passwords for such insecure sites. That way, if someone steals that password, all they can do with it is pose as you on those specific sites.

This isn't the only site which has this "feature" - one other I know uses the same forum software. I have noted this issue which has been inherent in these sites for some considerable time.

Ideally I suppose this should be fixed, and made secure, but risks can be reduced considerably if the passwords used for sites like this have the following characteristics:

1. They are unique to the site.

2. They are not like any other password you may use, which could allow an attacker to guess your password style.

Sadly I'm gradually returning to using gobbledygook passwords for some sites, so that the passwords would be hard to guess, but unfortunately also very hard to remember. I also wonder about some banking sites, which have procedures which are clearly not secure enough - despite apparent attempts by the organisations to make them so. It may actually make sense to change the passwords and code words etc. from time to time. Think about people watching your screen, or key loggers on your machines which allow others to see what you're doing remotely. Some banks use 2 factor authentication, which presents its own problems, not always to the genuine user's advantage.

Is that numerals as well as letters, Dave?

Do you know and are you testing me out, or do you want to know? Is 42 the answer?

Two factor authentication is when access to a site then causes some other action, such as presenting you with a code on a mobile phone (assumed to be yours), or for Apple kit, showing you a code on an iPad or an iPhone which has been verified by your thumb press, and then asking you to enter the code. In the case of banks using mobile phones for this verification the issues are: 1. the phone may be switched off. 2. the phone may be in a network "black hole". 3. The phone may have a run down battery. A consequence of this might be that wanted transactions don't get carried out - which in theory protects your money, but if the transaction was for something urgent which has to be paid (mortgage perhaps) or merely for a special offer item, then having transactions blocked can be a real pain, and may even incur additional costs because of the transaction failure. This has happened to me on several occasions, though fortunately I've generally been able to get payment done - using a different account or card, and I don't think I've incurred additional costs. However, when this happens it may trigger phone calls supposely from a "fraud" department, which gives added pain, and it takes time to check that really nothing untoward has happened. Depends on the bank of course, but one I'm thinking of which begins with 'S' seems to have a way of screwing this up too often to be comfortable.

Aha - thanks for the explanation Dave. No trickery on my part: being a total autodidact when it comes to computers, I don't understand a lot of the associated terminology!

Do you mean 'two-step' or 'two factor' authentication ? There are subtle differences. Regardless, the key thing about using a mobile phone as one of the elements in your security is that it is too damn easy for a fraudster to use social-engineering to call up your mobile provider pretending that they are you and getting the calls to your mobile diverted to their phone. For calls, also read SMS confirmation messages etc from your bank. Landlines are also not immune since the same social-engineering techniques can be used to get BT to divert your phone to that of a fraudster.

From that perspective, it would seem that Apple's devices etc plus the fingerprint recognition is one of the most secure methods.