Not Secure

That's been happening a lot lately when I use Chrome. Not sure what changed, but it affects web sites I've been visiting for years.
 
If you visit https://www.early-retirement.org (note the HTTPS) that warning should go away.

http and https are basically the same thing, except that https uses an encrypted connection - S is for "secure".

Google is on a crusade to get the web to switch over to https and it starting to report http sites are "Not Secure".

Frankly, for a site like www.early-retirement.org it's rather unimportant, but google thinks otherwise. And google is apparently in charge now.

To fix this "problem" change your bookmarks to use the https form of the URL and chrome should shut up.
 
Yes, Google is actually looking out for us, believe it or not.

HTTPS everywhere is a good start, though certainly not 100%.

Some bad guys are already finding ways to trick people into using the ordinary HTTP no 's' sites so they can put their malware to use.
 
Last edited:
Everything should be HTTPS these days. There is no good reason for them not to be.

One must be careful, often pages that are HTTPS will open links to other pages that are not HTTPS. It's a minefield out there.
 
Chuckanut said:
Everything should be HTTPS these days. There is no good reason for them not to be.
Click to expand...

I don't want to get into a debate, but I've hear pretty good arguments from security knowledgeable people that don't think every web site should necessarily migrate to https.

That being said, sites I have all use https these days (if you want a decent google ranking, you have to do this - they will derank you if you aren't using https). It's easy to do with Let's Encrypt free certs.
 
My initial log in shows https:, then the https clicks off and this fills the address, I use Firefox
http://www.early-retirement.org/forums/f32/not-secure-93581.html#post2102443


https shows then disappears at different forums. When http is there, "not secure" shows up. So if I click on User CP, https is there, when I click on a post it disappears to "not secure."
As I'm writing this, "not secure" is there.
 
Last edited:
Yes, the Portal page uses HTTPS, but when it links to other pages on this site HTTPS is gone and we are back to 'Connetion is not Secure'. I am using FireFox with the HTTPS Everywhere add-on.
 
Chuckanut said:
Yes, the Portal page uses HTTPS, but when it links to other pages on this site HTTPS is gone and we are back to 'Connetion is not Secure'. I am using FireFox with the HTTPS Everywhere add-on.
Click to expand...


So, protects, even if https prefix is not there.

HTTPS Everywhere by EFF Technologists

Featured ExtensionFeatured Extension

Encrypt the web! HTTPS Everywhere is a Firefox extension to protect your communications by enabling HTTPS encryption automatically on sites that are known to support it, even when you type URLs or follow links that omit the https: prefix.
 
Must be something in this for Google. As https leaves as meta data a trail of secure connections I figure it permits Google to track individual users more easily.
 
of the 15 tabs on my computer this AM, all except 2 have the https.
One that doesn't is ER. I don't type in any prefix for any site, just the name and the prefix is a default? Is that ? default something the site determines?
 
the login page is 'secure ' and the other ones i have visited here are not

i find it a little strange but i have seen this before ( in other websites ) when using Cloudflare particularly based in Asia .( but those other sites eventually solved the issue .. one way or another )

i hope this helps in any investigation of the issue
 
GrayHare said:
Must be something in this for Google. As https leaves as meta data a trail of secure connections I figure it permits Google to track individual users more easily.
Click to expand...
Do you have a reference to something that gave you that idea? I've never heard that tracking was improved with TLS protocol. Google does offer JavaScript code that any web site may choose to add to their pages the purpose of which is to gather metrics. I suppose the data from those might be more trustworthy if over a secure connection. Of course Google gives those metrics to the web site owner, but also probably finds a way to make money off it. Anyway, I just wondered how adding encryption would give the Google any more benefit.
 
mpeirce said:
I don't want to get into a debate, but I've hear pretty good arguments from security knowledgeable people that don't think every web site should necessarily migrate to https.
Click to expand...

Any reference to that? Doesn't seem to make sense to me.
 
SSL provides a level of security (by encryption) of the communications typically between a browser and a server. It does not mean the web site is secure, just the transmission of info to/from it.
 
Last edited:
yikes. I just checked our business site. Not secure. The main thing we use it for is to direct CC payments for invoices. But PayPal processes that. I have not had anyone complain. Better to get ahead of that issue

i better talk to "my guy"
 
That’s been happening to me recently as well with Chrome. Not here, but one site I recall was the Navy website (navy.mil).

Not secure!? Guess I’ll have to risk it. :D
 
Chuckanut said:
Everything should be HTTPS these days. There is no good reason for them not to be.

One must be careful, often pages that are HTTPS will open links to other pages that are not HTTPS. It's a minefield out there.
Click to expand...

The login pages here are secure (httpS) but as noted by many, the rest of the site is not. We store no financial info or other sensitive content here and we long ago changed login pages (where password data is passed) to meet current security standards.

The primary reason for not changing the rest of the site is that we have thousands of links in posts to offsite images and content that are not https. ALL those links would break. As the www updates it will be easier to make this change but for now we would rather retain that content then break it.
 
marko said:
I just noticed 'not secure' and tried your link. It drops the https and brings me back to not secure. (Chrome user)
Click to expand...

As soon as you are logged in this will happen. You will only see the https page on the login page as you are logging in (and login credentials are being passed)
 
mpeirce said:
If you visit https://www.early-retirement.org (note the HTTPS) that warning should go away.

http and https are basically the same thing, except that https uses an encrypted connection - S is for "secure".

Google is on a crusade to get the web to switch over to https and it starting to report http sites are "Not Secure".

Frankly, for a site like www.early-retirement.org it's rather unimportant, but google thinks otherwise. And google is apparently in charge now.

To fix this "problem" change your bookmarks to use the https form of the URL and chrome should shut up.
Click to expand...
This only works on your saved links edited to use https. As soon as you click on another er.org link you are back to http and the “Not Secure” warning.
 
Same here, as soon as I go to a sub-forum I'm "Not Secure" again.

I'd like to be as secure as absolutely possible if for no other reason than I don't understand all the idiosyncrasies (and really don't want to).
 
You must log in or register to reply here.

Similar threads

G
Future Opt Out Lump Sum tax checkbox
Replies
2
Views
303
pb4uski
pb4uski
E
Just got a new Fidelity Brokerage account. Not able to link it to my credit union at
Replies
14
Views
776
qwerty3656
Q
H
Anyone use Google Password Manager?
Replies
14
Views
737
target2019
target2019
R
Travel Hack - Works for Me
2
Replies
27
Views
2K
CarbonaNotGlue
C
M
Social Security Tips on W-2 and Retirement Benefits
Replies
15
Views
735
meleana
M

Latest posts

Back
Top Bottom