Website Security

Website security: More than the green padlock?

If you’ve updated your browser recently you’ll notice that the green icon that many became accustomed to is now completely removed from the interface. Thats not because the site you are visiting is inherently “insecure”, but because the major browser vendors realized that it was giving users a false sense of security while browsing the internet.

Starting in 2015 a design decision was made to emphasize that a site was served using an SSL certificate in an valiant effort to make the internet more secure. Browsers also began giving scary red warnings when users visited sites not served over SSL. Fast-forward nearly 10 years and accessing websites via SSL has become the standard.

SSL stands for secure socket layer and simply means that all communication between your web browser and the internet is encrypted. Which is a great step towards blocking a certain type of sophisticated packet-sniffing or man-in-the-middle type hack.

The trouble is, its very easy for a illegitimate website to obtain an SSL certificate. With the rise of Phishing type attacks, scam emails can direct users to websites that have valid SSL certificates and previously displayed the green “secure” icon. The trouble being these sites were anything, but “secure” with the intent of stealing user’s login credentials.

The change in UX makes sense, but its always important to be cautious about visiting websites that collect any information from you (especially banking or e-commerce sites).

Browse safely!