Loading Profile...
Secure (HTTPS) access to Soocial data
Maybe I'm a little bit paranoid, but the current method of storing/getting user data from Soocial (I'm referring mostly using the API) seems not so safe (plain http user authentication).
I'm very excited by your idea but at this time I'm not willing to store such sensitive data (names, phone numbers, email addresses) on a mostly un-secure site.
I'm hoping for either HTTPS or other (?) safer methods of transferring and accessing this data.
I'm very excited by your idea but at this time I'm not willing to store such sensitive data (names, phone numbers, email addresses) on a mostly un-secure site.
I'm hoping for either HTTPS or other (?) safer methods of transferring and accessing this data.
I’m thankful
5
people like this idea
I like this idea!
Tell me when this idea gets some attention.
The more people who like this idea, the more it gets noticed.
The more people who like this idea, the more it gets noticed.
The company has this in progress.
The best point from the company
-
Hey there,
You're absolutely right to be paranoid. Data security is a big concern for us. We're lacking in our API documentation but you should be able to use HTTPS with our API.
Also we do support OAuth for authentication so you don't really have to send over your credentials as plain text, just a token.
Let us know if you need any further help.
I’m excited
The company thinks
this is one of the best points
-
Inappropriate?Hey there,
You're absolutely right to be paranoid. Data security is a big concern for us. We're lacking in our API documentation but you should be able to use HTTPS with our API.
Also we do support OAuth for authentication so you don't really have to send over your credentials as plain text, just a token.
Let us know if you need any further help.
I’m excited
The company thinks
this is one of the best points
-
Inappropriate?The lack of having SSL/TLS on the Outlook plugin connection is realy embarassing in my opinion. Every 20 minutes a SyncML file is posted to sync.soocial.com with a bas64 encoded string with my username and password... That is super insecure! Also all the connection data is transfered in plain text... I just can't believe it...
I think I was right http://www.emerce.nl/nieuws.jsp?id=29...
I’m fealing insecure
1 Comment Add a comment
This is one of the best points
-
Can only agree Kjeld. We will make that possible in the future. You might want to set your client to sync less often. Like every 2 hours. Or once a day. The changes in Outlook will be synced immediately. -
Inappropriate?What timeframe/date is "the future", this thread was started 5 months (!) ago. And does the upcomming iPhone app have secure connections?
-
Inappropriate?Hey Kjeld,
thanks for being persistent! We have taken the first step today, and got a ssl certificate for our sync server. We will have to work on implementing this in to our clients now.
EMPLOYEE
EMPLOYEE
