Firefox And Chrome Will Soon Warn About Login Pages Served Over HTTP

[Lucian Armasu]

Firefox 51 and Chrome 56 stable will start warning users when login pages or other web pages that ask for password or credit card information are served over non-secure HTTP connections.

Firefox And Chrome Will Soon Warn About Login Pages Served Over HTTP : Read more

 

[WFang]

Firefox 51 and Chrome 56 stable will start warning users when login pages or other web pages that ask for password or credit card information are served over non-secure HTTP connections.

Firefox And Chrome Will Soon Warn About Login Pages Served Over HTTP : Read more

From the article: "For web developers that still haven’t taken seriously the push for HTTPS, and who are still serving their websites mostly over HTTP, this may be the last call to action that will convince them to make the transition." and "That could cost them lost reputation with users who will start seeing their websites being marked as not secure."

Yeah, I've sort of pointed this out to Tom's before via their various feedback avenues, but I find it both ironic and somewhat troubling that Tom's still has NOT moved to an HTTPS format themselves.

So, how about the article author files a similar note or raise this concern via the internal 'support' mechanisms? It is way overdue that you guys get behind your own preaching and practice what you report!

 

[problematiq]

Bout, Dang, Time. Working info-sec I see WAY more clear text usernames/passwords then I care to.

 

[WFang]

I see this topic continues to get all the attention it deserves. /s

 

[BaldrGeek]

As an end user, it's a pain. I play a game online, and now firefox harasses me every time I try to log in.

There are other browsers, and I will probably move to one of those soon, just because the folks at firefox have decided that it's okay to be a dick to their users.

If you could mark a domain as "I know, now leave me alone about it", that would be fine. "We're going to act like dicks every time you log in" isn't.