• Welcome to the new Mac-Forums. See News and Community Announcements for more details.

.Mac HomePage Security


The Duffer

I have created a HomePage site using my .mac trial account, password protected this using the on-line tools and then created an associated page - an online photo gallery. After doing this, I clicked on the 'Announce Site' link and sent it to my inbox for checking.

On receipt of the message however, no password was asked for to validate the user - is this correct? Does the very act of clicking on the link act as validation? If this is the case then why is the password given as part of the message? Surely a safer option would be to have this password asked for each time a user tries to log in and view the page?

What are the implications here for users of public machines? I'm assuming that once the link is clicked or the password given then the user's session ID/cookies come into play allowing direct access.

I just want to be 100% sure that my on-line photo galleries are secure before going from a trial to a full .mac subscription and creating a readily accessible web resource of images for friends and family around the world.