
Topic Title: HTTPS - it's about time (Simple Topic)

Topic starter: System Administrator

Topic started: 04:41:22 14th Jun 2018

Posts: 5 Last post: 14:05:15 7th Jul 2018 by Vedas

System Administrator Posted: 04:41:22 14th Jun 2018

Posts: 48

Topics: 50

Location: United States



Now that SL has a full server to itself, I've decided certbot was secure enough for SL for now, and I've not scraped together enough time to mess with any of the more lightweight solutions. So - we finally have HTTPS support! There're a few quirks atm (i.e., links to http in the source), but I'll probably sort those out eventually. Finally SkyLords supports a proper secured login form. I don't know about you, but I'm excited - been thinking about this one for a decade at least.

FAQ:

What does HTTPS do for me?

HTTPS prevents your password and your session cookie from leaking, so people can't eavesdrop on you and then tell SkyLords that they're you (it would totally believe them).

Why not just use it on the login page?

While putting it on the login page does protect your password, if you continue w/ plain http they can still pretend to be you to SkyLords and do nasty things to you on this account. This could very well lead to further security breaches.

Sounds risky - why haven't we heard of people doing this yet?

They can and have - with Facebook. Not enough people care about SkyLords to mess with it (yet), but it's a fairly important milestone in website maturity (as is getting transactional emails delivered...).

I didn't know about all that - am I at risk?

If you've used the same password on SkyLords and any other service you care about more, you should probably change the password on the other service and not share it with an outdated site like SkyLords :/ (tightening security is also on the list). If you find keeping track of a bunch of passwords hard (I do), my best advice would be to use a password manager like KeePass (I sync the database via Dropbox) or LastPass (which is quite convenient, but costs $2/mo for mobile support). Both can autofill website passwords, though KeePass requires a bit more effort to get it working.

Honestly, the chances that someone has eavesdropped on your password when logging into SkyLords are low - what I'm suggesting is pretty standard security hygiene which you've probably heard dozens of times before. Like washing your hands before you eat - you likely won't get sick every time you eat without washing, but it reduces the odds of getting sick in that way.
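
The two leftovers named in the post above (a session cookie that can still travel over plain http, and links to http in the page source) can be checked mechanically on any HTTPS response. This is an added example, not part of the original post or SkyLords code; the cookie names, the game.example URLs and the `audit()` helper are constructed for illustration:

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Attributes that make the browser fetch, navigate to, or submit to a URL.
URL_ATTRS = {"src", "href", "action"}

class HttpLinkFinder(HTMLParser):
    """Collect (tag, attr, url) for every absolute plain-http URL in the markup."""
    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value and value.lower().startswith("http://"):
                self.found.append((tag, name, value))

def audit(set_cookie_headers, html):
    """Return findings for one HTTPS response: cookies missing Secure, http:// URLs."""
    findings = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            # Without Secure the browser also attaches the cookie to http:// requests,
            # where an eavesdropper can read it and replay the session.
            if not morsel["secure"]:
                findings.append(f"cookie {name}: no Secure flag")
    finder = HttpLinkFinder()
    finder.feed(html)
    for tag, attr, url in finder.found:
        kind = "submits to" if attr == "action" else "points at"
        findings.append(f"<{tag}> {kind} {url}")
    return findings

# Constructed sample: Set-Cookie values and body of one HTTPS response.
SAMPLE_COOKIES = ["sid=8f3a1c; Path=/; HttpOnly", "theme=dark; Path=/; Secure"]
SAMPLE_HTML = """
<a href="http://game.example/forum">Forum</a>
<a href="https://game.example/help">Help</a>
<form action="http://game.example/login" method="post"></form>
<img src="/img/logo.png">
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_COOKIES, SAMPLE_HTML):
        print(finding)
```

A clean result here means the session cookie is marked Secure and the page no longer sends the browser back to plain http.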


FORTRANshadow Posted: 05:46:08 14th Jun 2018

Posts: 383

Topics: 17

Location: United States

Gender: Male



Thank you! I know it is a bit of a hassle, but I appreciate it.


MadMax1967 Posted: 06:03:33 14th Jun 2018

Posts: 442

Topics: 53

Location: United States

Gender: Male



Very much appreciated.




__________________________
"KILL EM ALL.....LET GOD SORT EM OUT"

SuperSmithie09 Posted: 07:03:11 14th Jun 2018

Posts: 425

Topics: 129

Location: United States

Gender: Male



Thank you sir!




__________________________
Squirrels

Tom Bomadial Posted: 12:11:16 15th Jun 2018

Posts: 423

Topics: 76

Location: United States

Gender: Male



Does that mean we growed up now?




__________________________
"Is not easily provoked"
Translated:
It is not good to wake a sleeping bear

Vedas Posted: 14:05:15 7th Jul 2018

Posts: 1

Topics: 1



Excellent.

