mbond
04-09-2014, 11:18 AM
Got an email that i needed to change my credit card info with EAA. I generally don't use credit cards on 3rd party sites and pay via paypal, but EAA doesn't seem to support this yet.
So, in light of the recent heartbleed openssl bug, i thought i'd check EAA's SSL security.
Good news. Not affected by Heartbleed.
Bad news. Scored an "F" on SSL tests and is "insecure"
https://www.ssllabs.com/ssltest/analyze.html?d=secure.eaa.org
So, i can update my credit card info on an insecure website or i can call someone and give them my information over the phone (which isn't secure either).
Maybe i'll generate a temp credit card number from bank of america and use that. :)
So, in light of the recent heartbleed openssl bug, i thought i'd check EAA's SSL security.
Good news. Not affected by Heartbleed.
Bad news. Scored an "F" on SSL tests and is "insecure"
https://www.ssllabs.com/ssltest/analyze.html?d=secure.eaa.org
So, i can update my credit card info on an insecure website or i can call someone and give them my information over the phone (which isn't secure either).
Maybe i'll generate a temp credit card number from bank of america and use that. :)