Many websites have a very simple design flaw that never ceases to annoy me. I just discovered that WordPress has it too. Secure Log-in. It is a simple concept. If you want to update your blog, you click on a link, and are taken to a WordPress log-in page. This page is not secure. Check the address bar, it begins with ‘http’ and not ‘https’. Also you make look at the status bar at the bottom of your browser window and you will not see the ‘lock’ icon. Click the button without entering any information. The page will re-load with an error message saying that some of your information was incorrect. This new page is secure. You will see ‘https’ and the ‘lock’ icon. Why the run-around? Why can’t they just do it right on the first page?
While this is bothersome, it is even more troubling with websites that allow you to create your own username and password. Few of these sites are secure in the areas where you enter/create your password. What good is having a password to access my private and secure information if i created the password out in the open without any security? Grrr.