10mm-Auto

General => Questions/Suggestions => Topic started by: Muskrat on March 10 2020 08:35:41 PM MDT

Title: security
Post by: Muskrat on March 10 2020 08:35:41 PM MDT
Every password I've used on this website has come back to me with a dark-web operator emailing me and saying that they know my email and password, and for the low, low price of +- $3,000 they will not hijack my account. Then it's just a matter of resetting all my passwords...sort of a pain.

I guess my question is: why is the security on this site lacking? Even my browser tells me that this site is not secure.

I love the wealth of information here and would like to participate more, but that isn't worth the hassle of repeated security breaches.

What's the skinny on all that?
Title: Re: security
Post by: Kenk on March 11 2020 07:11:04 AM MDT
Try opening a secondary gmail account and use that. Someone / group may have harvested your current one

Ken
Title: Re: security
Post by: sqlbullet on March 11 2020 08:02:20 AM MDT
We don't have unified auth with an identity provider, so using a secondary gmail account is not needed.

You can browse to the website securely:  https://10mm-firearms.com  The site just also still responds if you choose to browse here un-securely. 

I don't have the issue you are describing.  This would indicate that it is not this site per se, but some part of your network path that is compromised, combined with the fact that you are browsing to it insecurely.

Best practice is to have different passwords for every website and not write any of them down.  I don't know about you, but that kinda memory I don't think I ever had, and certainly don't as a man over the half-way point of life.  So, I have one base password that I use for all the places that  matter, like banks or insurance.  The same base but variations on that base so they aren't the same, but can be remembered. I have another password that I use for everything else.  I also keep all of them in an encrypted file.

Maybe Patriot could look into disabling non-TLS access to the website, and maybe even killing TLS1.0 and 1.1 since those have been cracked.
Title: Re: security
Post by: Muskrat on March 11 2020 10:09:23 AM MDT
Thanks everyone.

Using the link provided by sqlbullet changed the "not secure" warning from a red triangle to a grey circle, which is good, but Chrome still warns that the site is not secure. I'm not much of a computer guy so I'm just going on what my browser tells me.

Passwords aren't much of a problem...I use a different one for every application, but it's just the 10mm-firearms passwords that come back to me from the ether with a ransom demand. I could probably just reset the one password, but resetting all of them seems prudent.

This is the only site I visit that my browser warns is not secure, so just curious why.

Thanks again!
Title: Re: security
Post by: sqlbullet on March 11 2020 10:22:08 AM MDT
That symbol is because it allows mixed mode content.  For instance, my photos are hosted on my server non "https".  The website allows that content to load.  This is the warning.  The reason for the warning is that the browser is "dumb" with regard to what the mixed mode content is.  It could be an innocuous image or it could be a login screen hosted in an iframe that is not secure.
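
The active-versus-passive distinction described in the post above, as an added example that is not part of the original thread: a small Python auditor that lists the `http://` subresources an HTTPS page would load and marks iframes and scripts as the higher-risk kind. The sample HTML and every hostname in it are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Insecure loads of these can rewrite or replace the page ("active" content).
ACTIVE = {"script", "iframe", "link", "object", "embed"}
# Display-only media, which browsers warn about less loudly ("passive").
PASSIVE = {"img", "audio", "video", "source"}
URL_ATTRS = ("src", "href", "data")

class MixedContentFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (severity, tag, absolute_url)

    def handle_starttag(self, tag, attrs):
        if tag not in ACTIVE | PASSIVE:
            return  # ordinary <a> links are navigation, not subresources
        attrs = dict(attrs)
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return
        for name in URL_ATTRS:
            value = attrs.get(name)
            if not value:
                continue
            # Resolve relative and scheme-relative URLs against the page.
            absolute = urljoin(self.page_url, value.strip())
            if urlsplit(absolute).scheme == "http":
                severity = "active" if tag in ACTIVE else "passive"
                self.findings.append((severity, tag, absolute))

def find_mixed_content(page_url, html):
    if urlsplit(page_url).scheme != "https":
        return []  # mixed content only exists on a page served over HTTPS
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings

# Constructed sample page, not taken from the forum.
SAMPLE = """
<img src="http://photos.example.net/target.jpg">
<img src="/avatars/1.png">
<iframe src="http://login.example.net/form"></iframe>
<script src="//cdn.example.net/app.js"></script>
<a href="http://example.org/">plain link</a>
"""
```
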

Title: Re: security
Post by: Trapper6L on March 11 2020 01:51:51 PM MDT
To preface this with, my expertise with computers is pretty much limited to turning it off and on. The wife, that girl rides herd on over 50,000 units for the 5th largest school district in Texas. Sometimes I think she was abducted by aliens cause she ain't speakin' English, at least to me. I normally use Firefox as it works better with some of the work I do that includes big engineering documents and videos. This site runs clean for me with no security issues. I also have Chrome on this unit as I sometimes have to use the Google Cloud to work in concert with others on huge documents. If I pull up this website on Chrome, no issues. What I would suggest, which is what has been suggested to me many years back, is to send yourself an email with all of your favorites. That way you always have them. Delete all of your browsers except Explorer and then download new browser(s). You can then pick up your favorites at your email. As the wife tells me, NEVER use the autofill for your sign in for any website. It's easy pickin's for those that are not yer friends. I use two different names/passwords for forums. I use a different one for places where I might buy things, Amazon, Grafs, MidwayUSA, etc. Emails have a different one. I would strongly suggest that you have a private email that only friends and family have. Have another email for BS like where you buy things, forums, etc, where all of the spam goes and have it as your default email. They won't get much should it get hacked. More than likely this will solve your issue. I'm also a firm believer in Crap Cleaner and run it every day. It's a freebie. I occasionally run Malwarebytes too and use Microsoft's Defender for the AV. Defender ain't love but it ain't bad either. It has kept the bad guys out for the last several years. Hope this was helpful.