Macro Systems Blog
Google Chrome is Upgrading Its Security Notifications
When you are browsing the internet, do you know if you are secure? Most of the time your browser will let you know when a site is secure or not. This is especially critical if you are putting in sensitive information, such as passwords or credit card numbers. Google Chrome is upgrading it’s game to keep users safe.
How Chrome is Shaking Up the Standard Advice
There are two paramount types of websites: HTTP and HTTPS. The main difference between them is that the one with the S at the end signifies that the data was sent through a secure connection, meaning that there are extra layers of security there to protect it from any unauthorized eyes. It’s been a best practice for a long time to ensure that any sensitive data sent to or from a website uses a secure connection. This is accomplished by looking for the padlock icons in the address bar.
Google is finally upgrading its game by labeling businesses that don’t encrypt their communications with their host server. Chrome will alert users when they are surfing a site that isn’t using HTTPS; the motive is to put the pressure on websites that have yet to adopt HTTPS. Since Chrome is the most popular web browser, it makes sense that this approach could spark a revolution in website security. So far, the approach is seen as ideal by security professionals.
What About Other Browsers?
The other paramount web browsers - Safari, Firefox, and Edge - also have some plans for how they will handle unencrypted websites in the future. Still, not all of them plan on flipping the script in such a dramatic way.
- Firefox: It’s likely that Firefox will go down a similar path to Google Chrome. Firefox is still subscribing to the “confirming the page is secure” method. Firefox will also tell you whether or not the HTTP page contains a login form with a padlock that is stricken through. There is even a warning that pops up when the cursor moves over any of these fields. In the future, the browser will display all HTTP pages with the strike-through padlock, even if there aren’t any forms.
- Safari: Apple has yet to stray from tradition; the browser just confirms that the connection is secured by showing the lock. Nonetheless, Apple has taken other, different steps toward ensuring the security of its users. If a user attempts to log into an HTTP page, the page will inform them with alerts popping up into the field and the address bar, much like Firefox does now.
- Edge: Microsoft Edge only tells a user when a page is protected, but there are other options in place that permit the user to access even more information about their connection. This information can reveal if the connection isn’t encrypted, identifying it as a potential hazard. This same feature doesn’t extend to the input fields on unencrypted pages, though. We don’t think Edge is doing enough to warn users about unsafe browsing.
Are you unsure of how to keep your organization secure? Reach out to Macro Systems at 703-359-9211.