I just upgraded to Firefox 52.0 and it now warns that my password etc may not be safe since Danbooru does not have a Https:// in front of the web address. And yes I paraphrased that so the actual warning message is slightly different. So how secure is Danbooru?, and if its not very secure, what if anything is being done about it? I doubt any of us want are personal information compromised, so i decided to ask Albert or whomsoever is in charge of that facet of the site.

I asked about this before and it boils down to that probably nobody cares enough to probe a guy that browses a website that hosts loli and shota art behind a paywall unless he's a politician. Also, only the main Danbooru server is covered under a two year secure certificate because good ones are expensive and LetsEncrypt is stupid.

You can always change the beginning of the URL to https...

I just use HTTPS everywhere.

Click "sign in securely" when logging in to login over https. The security impact of not using https is that a) your password (when you log in) and b) the pages you view can potentially be intercepted by third parties - namely other people on your local network, your ISP, Danbooru's webhost, the NSA...

How big of a problem this is depends on how paranoid you are. If you're active at all then your proclivities are hardly a secret anyway, given that uploads / favorites / tag edits are public. If you're super concerned about privacy, then you'll want to use a throwaway username not related to accounts on any other sites (most people know to do this already), use a unique password, and maybe use a VPN.

tapnek said:

LetsEncrypt is stupid.

I beg to differ. ^^