Brad Fitzpatrick ([info]bradfitz) wrote in [info]news,
@ 2004-01-02 17:34:00
Enhanced Security
As we mentioned in yesterday's State of the Goat: 2004 (which you should read, btw! :-)), we now support secure logins and password changes.

This is especially important with everybody increasingly using wireless networks, which are usually unencrypted. You don't want your passwords flying around unprotected over the air!

The two new security features available are:

SSL
We now use SSL (encryption) not only for payment processing, but also to let you create new accounts and change your password: the two pages that would otherwise send your password across the net in the clear.

Challenge/Response
If your browser supports JavaScript (almost all do), then the login page won't send your password in the clear either. Instead, the server sends a "challenge", which your browser combines with your password (in JavaScript) to generate a "response" that can't be reversed to recover the password. Your browser then sends that instead of the password, and the server checks whether the result is what it expects. If your browser can't do JavaScript, you can log in via SSL instead; the interface will give you a link to do so.

All of this will happen automatically, so don't worry about doing anything special. If you have questions or find problems, contact support and we'll help you out.

Enjoy!

(P.S. We'll be supporting HTTP Digest Auth and challenge/response in the interface handlers soon, too.....)





[info]morallybass
2004-01-02 05:42 pm UTC (link)
Are there analogous updates to the XMLRPC and CGI interfaces the majority of the 3rd party clients use?

[info]bradfitz
2004-01-02 05:45 pm UTC (link)
Soon.

Watch [info]lj_dev for announcements, which is more fitting than [info]news.

Just a note to say
[info]mizcrank
2004-01-02 05:45 pm UTC (link)
You guys rule.

That is all.

[info]squisheroo
2004-01-02 05:45 pm UTC (link)
ooh, goodie. =oD!

[info]voodooboi
2004-01-02 05:46 pm UTC (link)
Awesome changes, SSI is much preferred in some people's opinions,..
Bring on the State of The Llama, I say.
:D

[info]jsnrhs
2004-01-02 06:02 pm UTC (link)
agreed

[info]mia76
2004-01-02 05:46 pm UTC (link)
oh... so THAT'S why I was logged off a couple of minutes ago when I set account to never log out. And when I logged in again it said I typed in the wrong password twice.

Thanks! ;) LJ rocks! Yay! :P

[info]futureperfect
2004-01-02 05:48 pm UTC (link)
It did that to me too - but strangely enough it would log in for one of my free accounts, but not the other or my paid account. Probably in different places.

But yay. :D

[info]benigma
2004-01-02 05:48 pm UTC (link)
Sounds cool.
I'd sort of wish that you guys used LJ-CUTs.. :P

[info]spacebird
2004-01-02 05:51 pm UTC (link)
Excellent work, as I've come to expect. The Challenge/Response system was a good idea to add too.

[info]desuete
2004-01-02 05:51 pm UTC (link)
Ahhh, is this why cookies were a little off last night? I had to keep logging in.

[info]mizcrank
2004-01-02 06:06 pm UTC (link)
me too

[info]venus_orbiting
2004-01-02 05:53 pm UTC (link)
Sounds great! Thanks as always for all the hard work, guys!

[info]the666
2004-01-05 07:45 am UTC (link)
Your Furi Kuri icon rocks the house.

[info]jollyraincloud
2004-01-02 05:54 pm UTC (link)
I have commented!

[info]billie0
2004-01-02 07:55 pm UTC (link)
Not really, to comment you have to actually say something about the topic

[info]bodosom
2004-01-02 05:54 pm UTC (link)
I use Opera and Linux.

I found my way to the https://.../login.bml page and logged in, but all the references now go to httpS://..... which seems to not be working. Manually moving to the http://... side of things makes it ok.

[info]bradfitz
2004-01-02 05:56 pm UTC (link)
I'll be working on cleaning those links up. Thanks!

Already? Wow.
[info]sapphirecat
2004-01-02 05:55 pm UTC (link)
So The Register can no longer complain about LJ. w00t!

[info]supersat
2004-01-02 05:56 pm UTC (link)
Do you have any plans to kill mailing out passwords in the clear and/or hashing passwords in the DB? Intercepting login passwords by sniffing network traffic seems like a pretty hypothetical problem, while I know many, many, many accounts have been compromised due to the password recovery feature.

[info]bradfitz
2004-01-02 06:02 pm UTC (link)
I doubt we'll be hashing passwords in the DB. It limits auth options.

Sending passwords in clear is a security vs. convenience thing. What do we do instead?

Send out new passwords? In what form? Then those can just be sniffed and the attacker could change the password. Plus, people could annoy others by requesting password changes all the time.

Send out a "view your password here" URL? Attacker could look at it.

People should read/fetch their mail over SSH or SSL, or on trusted networks at least.

LiveJournal can't solve all of users' security problems.

[info]hellnawitsc
2004-01-02 06:03 pm UTC (link)
i was wondering if you guys will have this thing where you can see which LJ users looked at your journal?

[info]bradfitz
2004-01-02 06:06 pm UTC (link)
That'd be a privacy violation, so no.

The only way we'd ever consider doing that is by making journal owners enable it, and then any visitor looking at it would see, "You can only view this journal if you agree to be tracked by [info]hellnawitsc. If so, click HERE, otherwise go elsewhere."

But that sounds like a lame solution, so we'll probably never do it.

[info]kylecool
2004-01-02 06:15 pm UTC (link)
ooo, that sounds really cool. :) I like that!

[info]hozed
2004-01-02 06:22 pm UTC (link)
I'm a big fan of single-sign-on.. so I read the securityfocus article (http://www.securityfocus.com/news/7739) and immediately wondered how feasible it would be to implement support for either microsoft passport or Sun's Project Liberty "federated identity" stuff. (http://www.projectliberty.org/about/faq.html)

I personally wouldn't ever use passport, but I'd love to be able to run my own 'identity server' on my domain and be able to authenticate to livejournal with it.

So, any thoughts? I'd be very interested in helping test this out.

[info]bradfitz
2004-01-02 06:28 pm UTC (link)
This is a huge interest area for me. One thing I want to do in 2004 is make each LiveJournal server be an identity server, so you can roam around LiveJournal-based sites (between livejournal/deadjournal) and use the same auth, if you give permission to your identity server (say, LJ) to tell DJ who you are.

Then we'd release our code so other sites could use LJ/DJ as their identity servers.

I haven't heard of Project Liberty, but I'll check it out. I imagine it'd be possible to support that as well. I really don't want to support Passport. I want distributed identity, not centralized identity.

You should join [info]lj_dev and/or drop me some mail to talk about this. Projects like this always need project heads to organize everything.

Frank doesn't thank me for my call anymore
[info]frezzen
2004-01-02 06:24 pm UTC (link)
I posted via phone today and the lady didn't say "Frank the Goat appreciates your call". Did my cell just cut out or did you take that cute little line out?

Re: Frank doesn't thank me for my call anymore
[info]bradfitz
2004-01-02 06:29 pm UTC (link)
It's random. :-)

More data?
[info]medievalist
2004-01-02 06:26 pm UTC (link)
Pardon my technical naivete, but I've been engaged in some somewhat heated discussions with a web developer about a site with many many users who log in with passwords that are sent in the clear. We're moving to a wireless model, so the potential security issues worry me. I've been told that there is no way to combine javascript and SSL. This sounds idiotic to me, but I need to have "proof." Can someone point me to URLs or even the terms I should research to then help the web guy--who probably just doesn't realize this is possible, he's not a bad guy--do what y'all have done?

Thanks--and I know you're way busy, so don't spend a lot of time, and feel free to ignore me.

Re: More data?
[info]bradfitz
2004-01-02 06:30 pm UTC (link)
Depends on what you mean by "combine". You can certainly serve pages over SSL that do JavaScript. Almost everybody does it who does SSL because JS is so widespread.

Now, you probably can't load an SSL document from non-SSL JavaScript because of cross-domain security issues, but that's normal.

[info]noxotherxonexx
2004-01-02 06:30 pm UTC (link)
sounds great.

thanks

[info]evilnightngale
2004-01-02 06:43 pm UTC (link)
Awesome. Thank you.

[info]madrigal73
2004-01-02 06:44 pm UTC (link)
spiffy! you guys are great. :]

[info]macbrain
2004-01-02 06:45 pm UTC (link)
Thanks. This is a very welcome improvement!

[info]schnee
2004-01-02 07:13 pm UTC (link)
Great work, guys and gals. Thanks. ^_^

[info]fishy5
2004-01-02 07:21 pm UTC (link)
I don't generally like to publicly say good things about evil for-profit companies, especially those that take advantage of open-source to do it unless the code is maintained exclusively by their highly paid team of expert programmers *cough come hire me cough*. But SSL for further protection of passwords is a good thing regardless of what the password is for. Good job, now go implement that ID server thing [info]hozed mentioned.

[info]bradfitz
2004-01-02 07:34 pm UTC (link)
How are we evil? Because we're for-profit? You realize we don't profit much, right? Almost all money goes back into the site.

And I'm a little offended if you're implying that we're taking advantage of open-source. You know how much we give back? We wrote and released memcached (which slashdot, wikipedia, and others use), livejournal itself is open source, and we've submitted patches to mono, mozilla, libevent, and other projects. We're definitely not open source vultures, using it just to save some bucks... we're open source diehards.

Thank you
[info]squixy
2004-01-02 07:48 pm UTC (link)
I just wanted to thank you because I've been using a wireless network for a while and I've been more than a little bit worried about somebody pulling my password out of the air. Thanks again!
