When you install Telerik tools you are actually sending login credentials to server to activate right? I see them being passed in http without any encryption albeit as an XML string. See the capture below. Confidential info changed.
Can you fix this please?
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<AuthenticateResponse xmlns="http://tempuri.org/">
<AuthenticateResult xmlns:a="http://schemas.datacontract.org/2004/07/Telerik.WebSite.DataContracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:HashedKey>Why You Need This?</a:HashedKey>
<a:IsRemembered>true</a:IsRemembered>
<a:Name>Why You Need This?</a:Name>
<a:Password>Why You Need This?</a:Password>
</AuthenticateResult>
</AuthenticateResponse>
</s:Body>
</s:Envelope>
Can you fix this please?
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<AuthenticateResponse xmlns="http://tempuri.org/">
<AuthenticateResult xmlns:a="http://schemas.datacontract.org/2004/07/Telerik.WebSite.DataContracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:HashedKey>Why You Need This?</a:HashedKey>
<a:IsRemembered>true</a:IsRemembered>
<a:Name>Why You Need This?</a:Name>
<a:Password>Why You Need This?</a:Password>
</AuthenticateResult>
</AuthenticateResponse>
</s:Body>
</s:Envelope>