Legacy non-TLS Login Support Being Removed
Scheduled Maintenance Report for LuxSci
This maintenance was completed in February as scheduled.
Posted Mar 09, 2020 - 09:17 EDT
During February, 2020, LuxSci will be removing all legacy support for logging into accounts without the use of TLS encryption.

Certain LONG-time legacy customers who do not have specific security or compliance requirements have a grandfathered ability to enable their users to login to specific services without TLS encryption -- i.e., in plain text. Often, this capacity was used to support legacy hardware devices (e.g., printers and scanners) that did not support TLS.

This grandfathered insecure login permission is being globally removed during this maintenance window. No one should be considering using any system that sends credentials of any kind "in the clear" across the public internet, no matter what the legacy reason. After all these years, the majority of equipment and software finally does support TLS so the barrier to better security is minimal.

Any legacy LuxSci customer that is currently using insecure logins for POP, IMAP, SMTP, or FTP should update their systems to use the secure alternatives before February 1st, 2020. Once the servers are updated, such connection attempts will begin to fail.

LuxSci will be auditing its customers and sending direct notices to those that have recently made insecure connections to alert them to this forced change.
Posted Nov 26, 2019 - 14:58 EST
This scheduled maintenance affected: LuxSci Network Infrastructure, Shared WebMail, Hosted Email, and Hosted Web Services.