New
#1
https/encryption - server logs
Hey all,
Have a very quick question - when you visit a site with "https" in the address bar, it is supposed to be encrypted and as such no one can view your login/password as its not sent as plain text.
I've been using my gmail account, and online banking sites etc at work for some time. I just wondered, given both are https and encrypted, is it safe to assume that there would be no record of my actual password in the server logs etc? (i.e. no one could find it out by checking them). Obviously they'd know I'd been to site A and site B, but wouldnt be able to find out the user/pass for any encrypted sites - is this correct?
Thanks,
Andrew