How to secure your MT Bookmarklets
December 17th, 2003to log in use:
https://log.this-domain.com/cgi-bin/mt.cgi
and you can see the results at:
http://log.your-domain.com
Please Note:
from your main login screen into the Movable Type system there is an
*extremely* handy link called “set up bookmarklets”. This offers you two
choices for ways to set up links to ease publishing. BOTH OF THE LINKS ARE
INSECURE. To secure them you will need to find the link they create (for
the IE one, this is a registry entry) and add an “s” (for secure!) to the
end of the “http” buried in the long URL.
? what am I risking if I don’t -
Each time you use the resulting shortcut link, your browser will exchange
your Movable Type username and password accross the network. Without the
“s” (for secure!) this information can be intercepted easily by anyone who
can eavesdrop on your conversation. If you are on a wireless connection,
this includes your neighbors. If you are on a university or corporate
network, this means their administrators (and their ISP’s administrators)
(and my ISP’s administrators) .. and several other people whom you will
never meet and have no business knowing how to log into your weblog, or
what your “throw away internet account stuff” password is (this month).
