No one has responded to this discussion for at least a year, so this information may be out of date. If you're looking for information about this topic, please search for a more recent discussion or post a new question.

No HTTPS for Team Site

  • 4 Followers
  • 5 Replies |
  • This post has 1 verified answer |
Answered (Verified) This question is answered
We just signed up our company for a beta account. When redirected to our new team portal, we noticed that it is not running via HTTPS. 

Does this mean that our passwords are being sent in the clear?  Is there plans to offer HTTPS? If not, then I am not sure we could use this feature due to the lack of security. 

FYI, we also noticed this when we went to the Microsoft Office 365 Community site.

    0 out of 1 people found this post helpful.

  • Post Points: 20
Verified Answer
  • We made this decision for simplicity and usability. In SharePoint Online for small business, there is user name & password protection security for intranet level team site(s). Per the early feedback we are receiving, Microsoft is in design planning to bring https:// to the SharePoint Online for small business offering in a future update.

    • Not Ranked
    • Post Points: 0
All Replies
  • Really…tell me your joking right?  "We made this decision for simplicity and usability."

    Is it really that hard to implement https for the small business version and how does the added security diminish the "simplicity and usability to the end user?  Even SkyDrive has https.  So basically Office 365 Small Business users are at risk for “man-in-the-middle attacks” (https for login only is not good enough) and other threats.  

    I can’t seriously consider Office 365 for small business use until full session https  is implemented. Also, you can not use the Window 7 Phone Office Hud for Sharepoint unless it's https.  

    • Not Ranked
    • Post Points: 0
  • FYI-In OLSB. there was an option to force secure connections on the business apps area only(ie private site). Something like that would be fine.


    http://webbrewers.com/   |     |  Get more out of Office 365

    • Top 50 Contributor
    • Male
    • Post Points: 0
  • @ Mch Forcing https session would not be an acceptable solution, especially when you’re paying $72 a year per a user.

    FYI all OLSB customer will be transitioning to Office 365.

    • Not Ranked
    • Post Points: 0
  • PK,

    Not sure what you mean by  "Forcing a full SSL session would not be an acceptable solution". What was offered in OLSB was exactly what the original poster was requesting-the option to turn on or off https protection as required within the Sharepoint intranet without affecting public aspects of account..

    Many 365 users have requested that option. How would you like it to work?

    By the way, I'm well aware of what's going on with OLSB.


    http://webbrewers.com/   |     |  Get more out of Office 365

    • Top 50 Contributor
    • Male
    • Post Points: 0
Page 1 of 1 (6 items)