What? Not Secure?
It was secure yesterday?
There is a movement in the Tech world to change how login pages are rated in some of your favorite browsers.
What is the issue?
- Chrome and Firefox are now showing a small warning about web pages with login forms when the main URL of the website does not have an SSL certificate.
- Symantec reported at HostingCon Los Angeles on April 5th that in 12 months Google was planning a new algorithm to downgrade all web pages that are not under and valid SSL certificate.
What is the problem with the login box?
The IT community's conflict is that the browser can see the SSL in the embedded login page/box but it does not show that information to the end-user. The browser can also see that the page embedding the login pages/box is not using an SSL.
Because of this, embedded login pages/boxes with SSLs are now caught in the middle of this somewhat controversial movement. Although an embedded login page/box with SSL is secure.
But according to Symantec in 12 months it probably will not matter as Google will try to push the world wide web toward using SSL for all web pages.
Cliff Notes for non-techies
How do I get this warning removed from my website?
|IE|| No Message - has not been adopted|
1. Get ahead of the curve and Buy an SSL certificate today and have it installed on your website.
2. Remove all iframe-embedded login pages/boxes from your website and link to a URL SSL-secured login page instead. This option may require custom login pages to be built and it will not meet Google's new SSL request coming in the next 12 months.