The Golden Frog website should use a secure, ephermal cipher suite. Our passwords are too easy to intercept.
The website shouldn't use the RC4 cipher. Ever. Whenever we go to change our passwords on the website, it is too easy for powerful adversaries to intercept our passwords. The website should use a secure cipher, like AES-128-GCM, with an ephermal key exchange, like ECDH.
18
votes
