Passing data from a http page to https page. Is it secure?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "PK" <someone@xxxxxxxxxxx>
Date: Wed, 16 Nov 2005 09:42:11 +0530

Hi All,

Is it secure to post password data from a http page to an https web page?
Can anyone use a sniffer to read the password. I have seen a couple of sites
which have implemented similarly.
Ex: Yahoo Login page has 2 modes Standard and Secure. When I checked the
standard mode the login page was an http one, but the data is being posted
to an https location something like this
https://login.yahoo.com/config/login_verify2?
and later it gets redirected to something like this
http://my.yahoo.com/

If it is posting to a https page in standard mode then what is the
difference in secure and standard mode. oops!! I am kind of asking about
yahoo's implementation. Its ok if someone answers my first question.

Thanks
-PK

.

Follow-Ups:
- Re: Passing data from a http page to https page. Is it secure?
  - From: Jevon

Prev by Date: RE: Error - 0x8007007E when building ASP.NET project
Next by Date: Re: Insert Clob into Oracle using Enterprise Library
Previous by thread: RE: Error - 0x8007007E when building ASP.NET project
Next by thread: Re: Passing data from a http page to https page. Is it secure?
Index(es):
- Date
- Thread

Relevant Pages

Re: Passing data from a http page to https page. Is it secure?
... Theoretically, yes, it's secure. ... https to begin with. ... Yahoo Login page has 2 modes Standard and Secure. ... > standard mode the login page was an http one, but the data is being posted ...
(microsoft.public.vsnet.general)
Re: Is this REALLY a secure site?
... >> How can anyone really know if an SSL or HTTPS connection is truly ... Even if it is theoretically secure ... major credit card company wound up making the authorization against my ... > site uses a numerical IP address: those are always bogus. ...
(microsoft.public.windowsxp.general)
Re: Secure an upload page
... The most secure way to do downloads might be to use NTFS ... If the upload page ... I am using https ...
(microsoft.public.inetserver.iis.security)
Re: At What Point Does the Security Begin?
... All secure forms examine this variable, and if empty redirect to the ... all pages behind the login are posted through SSL. ... in which I understand .NET uses a cookie behind ... not secure (it's called at http, not https) but posts to a page ...
(microsoft.public.dotnet.security)
Re: Ethernet cable question.
... I have developed Web HTTPS site ... solutions on the server and on the client end. ... *CAN* be secure. ...
(microsoft.public.windows.vista.general)