Login issues with Google


#1

I have been having issues recently with logging into my usual account on the forums. I wanted to report an error that I recently had.

I am having issues with my intel not showing up in Neptune’s Pride. It just says loading at the top and won’t show any intel. The page also doesn’t change at all other than the loading text.

I am also not able to login with google to the forums to report it. It keeps saying
Secure
Connection Failed. An error occurred during a connection to
www.google.com. Peer’s certificate has an invalid signature. (Error
code: sec_error_bad_signature)
The page you are trying to view cannot
be shown because the authenticity of the received data could not be
verified. Please contact the website owners to inform them of this
problem.

While looking into this a little further I found this website that might be the cause of the issue. I don’t know much about this stuff so I can’t say for sure.
https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Apparently sites like Google and Yahoo have been using an outdated signature algorithm with their certificates. I don’t know if they updated this yet. Please look into this. I am having issues logging into Google and I am not able to use my usual Google account. Some sites are also looking weird. I was able to create an account using Yahoo so I can report this.

After looking at this further I seemed to locate the issue on this website. https://support.mozilla.org/en-US/kb/tls-error-reports

When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure.
Some websites try using out-dated (no longer secure) TLS mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. When this happens, you will see an error page with the option to report the error to Mozilla.

When I use Internet Explorer instead of Firefox I do not have this issue. I believe it is a result of a recent Firefox update.


Social Media Login, can't reset password
#2

This forum software is provided by a third party and I don’t really have any control over the accounts or how it operates. I believe I can download backups and userdata but never have. (I’ll do it one day)

https://www.discoursehosting.com/

I will get in touch with them and let them know about your issue.

The Intel problem in game is something else entirely I would say.

Jay.


#3

I do not know whether I am providing the proper help for the problem that you are describing, but in 2015 FEB, Jay sent out this notification, which originated from Google itself.

https://plus.google.com/103213977202637806106/posts/fFcAma7tePq

So in the game, I stopped using my google social login, and reset my password to be able to continue using my same account without losing my victories, rank and renown.

I did the same thing in this forum, reset my password to avoid using Google social login, so I could continue using my same account without losing my badges.

These steps were successful for me.

When was your previous successful login without this “sec_error_bad_signature” problem ?


#4

I do not know about you, but my browsers and I have a happier browsing experience when I disable third party cookies.

This screenshot is from Firefox. mouse click Tools / Options / Privacy :

.


#5

But how my google analytics track you?


#6

You absolutely do have control over how your forum operates, we’re “just” the hosting provider.

You are using a deprecated version of Google’s OpenID authentication. Google has ended support for OpenID by April 20, 2015. You need to start using Google OAuth2 as soon as possible.

We have sent you instructions how to reconfigure your forum.


#7

First party cookies are being used when a gamer visits your sites, and the forum.

Third party cookies are usually used by third party advertisements, which seem to be used at NP1 , Blight 1, and Jupiter’s Folly, but not at NP2.

Third party cookies are sometimes a security risk, because some malware are served by bad advertisements from hackers.

Blocking third party cookies can reduce files stored in the browser cache. This can slightly improve PC performance speed.


#8

Oh sorry Mr Discourse Hosting Support guy,

I only meant that I didn’t code the forum so have no direct control over the login flow as I do on the game that folks here play.

I also didn’t mean to suggest that you do either, just trying to plug your service that I have been very happy with so far!

The error that @Jason reported didnt sound like an Google Oauth issue, because I would assume google would have a more direct message for the user instead of just serving a bad certificate.

Thanks for the info via my email. I’ll not be upgrading to OAuth2 because Google can suck my balls. I’d rather users transition off social media logins and onto local accounts.

Don’t suppose you know of any nicely formated instructions for how to do this I can direct my users to?

Jay.


#9

Bwahahahahaha!