• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

2.0 Login Screen

Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
4 Posts 4 Posters 2.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    TechMOGogy
    last edited by Mar 13, 2009, 8:02 PM

    It may just be me but I don't like the pfSense logo and color scheme on the log on page
    I just think that if someone stumbles upon my IP address (which would be blocked but hey you never know) it should not
    tell them what it is (ie. pfsense.org)

    Just my 2 cents worth
    Other wise I am loving 2.0 Alpha Alpha so far

    Thanks,

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Mar 13, 2009, 8:08 PM

      I have thought about the same thing, about letting everyone see the login screen, but then again your WebGUI shouldn't be accessible to just anyone crawling the web. (more info)

      My nit with the login screen is that Firefox doesn't recognize it as a login screen and thus doesn't offer to save the username/password. It's probably more secure that way, it just means I have to remember the passwords and type them every time. :)

      Remember: Upvote with the đź‘Ť button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • B
        billm
        last edited by Mar 18, 2009, 3:01 AM

        @TechMOGogy:

        It may just be me but I don't like the pfSense logo and color scheme on the log on page
        I just think that if someone stumbles upon my IP address (which would be blocked but hey you never know) it should not
        tell them what it is (ie. pfsense.org)

        Just my 2 cents worth
        Other wise I am loving 2.0 Alpha Alpha so far

        Thanks,

        Anything we do could be fingerprinted.  Sure, it "shouts" it out now, but at least it's obvious that it is, instead of pretending that it's secure.  Besides, it's not like you left it with the default username/password combo did you? :)

        –Bill

        pfSense core developer
        blog - http://www.ucsecurity.com/
        twitter - billmarquette

        1 Reply Last reply Reply Quote 0
        • T
          tohil
          last edited by Mar 24, 2009, 10:18 AM

          @billm:

          @TechMOGogy:

          It may just be me but I don't like the pfSense logo and color scheme on the log on page
          I just think that if someone stumbles upon my IP address (which would be blocked but hey you never know) it should not
          tell them what it is (ie. pfsense.org)

          Just my 2 cents worth
          Other wise I am loving 2.0 Alpha Alpha so far

          Thanks,

          Anything we do could be fingerprinted.  Sure, it "shouts" it out now, but at least it's obvious that it is, instead of pretending that it's secure.  Besides, it's not like you left it with the default username/password combo did you? :)

          –Bill

          the real security hole is when someone can access your webgui, wich shouldn't.

          many security product manufacturer use logos on there webguis. Juniper, Checkpoint, Astaro, and so one, have webguis with a logo.

          just allow trustet networks connecting to the webgui. and use https instead of http. this is security enough. just a logo allows you not to hack or to be secure, when no logo is shown.

          1 Reply Last reply Reply Quote 0
          3 out of 4
          • First post
            3/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received