This is especially important with everybody increasingly using wireless networks, which are usually unencrypted. You don't want your passwords flying around unprotected over the air!
The two new security available are:
SSL
We now use SSL (encryption) not only for payment processing, but also to let you create new accounts and change your password: the two pages that would otherwise send your password across the net in the clear.
Challenge/Response
If your browser supports JavaScript (almost all do), then the login page won't send your password in the clear either. Instead, the server sends a "challenge" which your browser combines with your password with JavaScript and generates a "response" which can't be reversed. Your browser then sends that (instead of the password) and the server checks to see if the result is what it expects. If your browser can't do JavaScript, you can alternatively log in via SSL instead, and the interface will give you a link to do so.
All of this will happen automatically, so don't worry about doing anything special. If you have questions or find problems, contact support and we'll help you out.
Enjoy!
(P.S. We'll be supporting HTTP Digest Auth and challenge/response in the interface handlers soon, too.....)
← Ctrl ← Alt
Ctrl → Alt →
← Ctrl ← Alt
Ctrl → Alt →