Home > TypePad - Cons, WordPress - Pros > WordPress security versus TypePad security

WordPress security versus TypePad security

September 17, 2008 Leave a comment Go to comments

Are you afraid of the Cookie Monster? In clear words: Are you worried that someone could steal your personal data and, potentially, hijack your blog account? WordPress has apparently done something to help you protect yourself: SSL. Now, when you access your blog administration pages, WordPress encrypts your connection and helps prevent data scavengers from stealing your password and other info.

What is the Cookie Monster?

Yesterday WordPress announced Protect your blog with SSL, a one-click step to preventing the Cookie Monster from gaining access to your blog. The Cookie Monster is a toolkit that is

used in a variety of man-in-the-middle scenarios to trick a victim’s browser into turning over the authentication cookies used to gain access to user account sections of a website. This vulnerability stems from website developers’ failure to designate authentication cookies as secure. Read more here.

How to lock out the Cookie Monster?

Easy. Simply

click on Edit Profile in the My Account menu of your dashboard and you’ll see a new field called Browser Connection. There, you can opt to “Always use HTTPS when visiting administration pages.” Click Update Profile to save the change, and you’ll be logged out. Sign back in, and you’re rolling with SSL.

See the screencast here.

What about TypePad?

Frankly, I don’t think TypePad has this functionality. At least, I haven’t seen the https:// when I’m logged in, and I cannot find a single mention of SSL in the TypePad Support pages.

Slooooow

There’s one small downside to activating this feature: Writing and editing and managing my blog appears to be a bit slower now. Not annoyingly slower, but still noticably. Well, a small price to pay for extra security.

Conclusion

TypePad versus WordPress, TypePad-0, WordPress-1.

Current scoreboard

Share This

Add to FacebookAdd to NewsvineAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to Ma.gnoliaAdd to TechnoratiAdd to Furl

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 39 other followers

%d bloggers like this: