• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 30 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 30th anniversary: Happy 30th Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $21,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $21 Million dollars
  • Sign up to get the TUG Newsletter for free!

    60,000+ subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Unsecured WiFi at Hotel

Ridewithme38

TUG Member
Joined
Jul 14, 2010
Messages
3,325
Reaction score
4
Points
273
Location
Long Island, NY
Do you value your TUG login credentials? If not, don't worry about what I'm going to say.

If you do, be aware that TUBbbs, unfortunately, does not provide https login. This means that your TUG credentials are sent in the clear and can be seen/sniffed over unsecured networks.

Most good Banking sites (not all!) will have full encryption from the point of login to logout. Depending on which browser you are using, an indication that you're connecting via SSL encryption is the https://... URL or a padlock icon showing locked, not unlocked state.

Still unsure? Just make sure you add the https:// in front of any URL you use. If it loads, you have SSL encryption. If it doesn't -- then you don't.

I just posted a request to the TUG Admins in the TUG section of the forums. Its not difficult to implement so I'm baffled as to why the response is .. just don't use any credentials you care about.

Most BBS Software doesn't use HTTPS for logging in...Now, i'm not going to comment on if that is safe or smart, just kinda the way it is, he may have to completely pull down the site to implement it
 

BoaterMike

TUG Member
Joined
May 1, 2010
Messages
637
Reaction score
1
Points
228
Location
St. Louis, MO, Gettysburg, PA
Resorts Owned
Royal Caribbean, Royal Haciendas, Marriott Grand Chateau,
If you do, be aware that TUBbbs, unfortunately, does not provide https login. This means that your TUG credentials are sent in the clear and can be seen/sniffed over unsecured networks.

While not a bad idea, It's not really that uncommon that encryption is lacking for message forums. As previously mentioned, you're at risk for your ID and password for the forum and that's it. Banking and financial sites is a different matter.
 

Ken555

TUG Review Crew: Veteran
TUG Member
Joined
Jun 7, 2005
Messages
14,522
Reaction score
5,638
Points
898
Location
Los Angeles
Resorts Owned
Westin Kierland
Sheraton Desert Oasis
This isn't a secure site. There's no need for ssl.
 

Talent312

TUG Review Crew: Veteran
TUG Member
Joined
Jul 4, 2007
Messages
17,461
Reaction score
7,277
Points
948
Resorts Owned
HGVC & GTS
I seriously doubt that anyone has any interest in my TUG credentials.
Except perhaps an "enemy" who'd try to spoof one my posts.

However, I do not use my "public" ID+Pwd for more sensitive sites.
 

Ridewithme38

TUG Member
Joined
Jul 14, 2010
Messages
3,325
Reaction score
4
Points
273
Location
Long Island, NY
I don't get why we are calling a forum user name "Credentials"...its a username not a social security number, bank ID, drivers license ID....i know when someone asks me for my credentials, i don't give them my Forum ID
 

Kal

TUG Member
Joined
Jun 6, 2005
Messages
4,406
Reaction score
511
Points
499
Location
Redmond, WA
...While I am using HMA, there are many reputable services out there. Witopia, suggested by linsj, gets very good reviews from users. It's certainly worth a look. Also, check with your antivirus software vendor. I use Avast, and they are supposedly adding this service in 2012.

Here are a couple of tech articles that can get you started. They are from 2011 but will help with some info and recommendations.

www.computerworld.com/s/article/9205401/

http://lifehacker.com/5759186/five-best-vpn-service-providers

Mike

FYI, I tried to get into the HMA site but my anti-virus software finds it as a "dangerous site" and blocks me from getting into it. I wonder why? Maybe it's as simple as the name. :confused:
 

BoaterMike

TUG Member
Joined
May 1, 2010
Messages
637
Reaction score
1
Points
228
Location
St. Louis, MO, Gettysburg, PA
Resorts Owned
Royal Caribbean, Royal Haciendas, Marriott Grand Chateau,
FYI, I tried to get into the HMA site but my anti-virus software finds it as a "dangerous site" and blocks me from getting into it. I wonder why? Maybe it's as simple as the name. :confused:

I guess it could happen, Kal. I don't know what software you are running, but that's pretty strict control. Does that happen often? It's a Canadian site. I use a browser extension that scores trust worthiness and HMA is up there, almost as high as TUG or Google.

But, don't do something that makes you feel uncomfortable. Try one of the other ones suggested like Witopa, Cyberghost, etc.

Mike
 

TravelSFO

TUG Member
Joined
Jun 11, 2005
Messages
422
Reaction score
0
Points
226
Maybe I should be but I'm not. To the best of my knowledge, there is little to nothing here of real value or at risk should my user ID here get hacked or abused.

If you don't recycle your username and password there is probably very little to be concerned about. The only thing someone might find is your email address, perhaps a city and state if you added that, your name. Once a hacker has your email address, of course, the first thing they would try is to access it using the credentials that they have just obtained over the wire because it was sent in the clear.

But I'm sure no one here would use the same password for their tug account as s/he would for the email account.
 

TravelSFO

TUG Member
Joined
Jun 11, 2005
Messages
422
Reaction score
0
Points
226
While not a bad idea, It's not really that uncommon that encryption is lacking for message forums. As previously mentioned, you're at risk for your ID and password for the forum and that's it. Banking and financial sites is a different matter.

Don't kid yourself that the credentials on a BBS site are any less valuable. With access to your TUG credentials, the hacker has access to an email address and perhaps more, a mailing address, perhaps birthdate.

Providing https login is not the same as encrypting the site. Https login would just be the login page where you enter a username and password. With https login, when you submit, your credentials are encrypted.

Also https is "cheap". Enough in fees here are collected and there are enough members that I am very surprised this has not happened.
 

BoaterMike

TUG Member
Joined
May 1, 2010
Messages
637
Reaction score
1
Points
228
Location
St. Louis, MO, Gettysburg, PA
Resorts Owned
Royal Caribbean, Royal Haciendas, Marriott Grand Chateau,
Don't kid yourself that the credentials on a BBS site are any less valuable. With access to your TUG credentials, the hacker has access to an email address and perhaps more, a mailing address, perhaps birthdate.

Could happen. Just what I've observed on other forums.
 
Last edited:
Top