Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add note to passwords documentation recommending the use of HTTPS
The 'Password management in Django' page is comprehensive on the subject of storing passwords in the server. But was missing out a key point about password security: traffic between client and server needs to be encrypted when sending user's login details. Personally, I found the existing documentation so comprehensive that I thought 'great, someone has thought about all this for me and I don't need to worry about password security' and forgot all about the need for HTTPS until someone reminded me (several weeks later). So I think there needs to be a note on this page about HTTPS.
- Loading branch information