From the Vinetrade site:"Secure and trustworthy. Your transactions are encrypted."
Step 1:
Start posting username/pwd to your server over HTTPS and
start delivering signup & login forms over HTTPS.
At the moment, both of these happen in plain text so I don't see how you can say you take security seriously if you can't even get the low hanging fruit.
Step 1: Start posting username/pwd to your server over HTTPS and start delivering signup & login forms over HTTPS.
At the moment, both of these happen in plain text so I don't see how you can say you take security seriously if you can't even get the low hanging fruit.