Friday, January 27th, 2017
This article is a must-read for people who do online shopping or any online activity that requires you to provide sensitive personal and private information. Protect your password and secure your credit card details, my dear human.
Because all data that’s shared between you and a secure website cannot be intercepted. It means you can sleep at night because your transactions are safe and protected.
There are endless possibilities when your private information is not secured by a website that asks for it. Here are some risks:
Identity theft. Using your personal and private information, the identity thief pretends to be you while conducting illegal activities. It will be your name on the line, both literally and metaphorically. So if you want to be the only “you” in the world, read on, my dear.
Stolen credit card or bank account information. People who got a hold of your credit card or bank account information can purchase goods on your behalf. They can even produce a duplicate of your credit card or ATM card!
So unless you’re okay with sharing your identity, bank account and credit card with bastards, keep reading.
It’s good practice for every website to have the things I am about to list below. But definitely,
Online store websites
Online banking websites
Membership websites that requires logging in
are the kinds of websites that SHOULD be secure no matter what. As long as you are required to provide sensitive and private information, then the website should be secure. And finally,
HTTPS is the secure version of HTTP, and it stands for Hypertext Transfer Protocol Secure.
There’s a lot going on behind HTTPS, but basically, if the website URL starts with https:// then it means your communication with the website is encrypted.
Even if a hacker gains access to your connection with the website, he cannot read your communication because it’s secured with encryption. I know, right?
In contrast, using HTTP connection means that all data sent over your connection is in plain text. Knowing this makes it pretty obvious why we shouldn’t even think of giving away our credit card details to a website that doesn’t use HTTPS.
If it starts with http:// instead of https:// then you know what to do – don’t give away that credit card info! Don’t sign in with your login credentials! Don’t give away your secrets like the fact that you like pineapple on pizza!
It’s not enough that the website URL starts with https. Some https websites are still suspicious. Thankfully, modern browsers help us to further confirm that a website is secure by providing the green padlock icon in the address bar:
The green padlock confirms that the HTTPS website connection is secure.
If your https connection with a website is still NOT TOTALLY SECURE, then modern browsers warn us by showing a broken padlock, red padlock, crossed-out padlock, or no padlock at all.
The exact icons vary depending on the browser you are using. Here are two of the most common examples:
The website contains mixed content. It is loading other resources that use the insecure HTTP connection. (Not your fault)
The website’s security certificate has expired and has not been renewed by its owner. (Sooo not your fault)
Your computer’s system time is incorrect. Setting the wrong system time on your computer may confuse the browser to think that the website’s security certificate has expired. (It’s alright bro, just fix your computer’s system time)
The website’s security certificate is not trusted. It was not signed by a trusted Certificate Authority. (Don’t blame yourself, Amigo)
The website’s security certificate is self-signed. The website owner generated the security certificate and signed it himself. (Again, not your fault, but you should high-five the owner for the effort)
Before giving sensitive and private information to a website, such as (but not limited to):
Credit card details
Bank account details
Sensitive personal information
The https in the URL.
A green padlock in the address bar. Not a red padlock, not a yellow padlock, and not a broken padlock.
Now that you know how to spot a secure website, I’d love it if you join me in making the rest of the world know too! Or just your grandma – you wouldn’t want her to lose her pension money because of evil-doers on the web that stole her credit card details, I know.
Have thoughts on this article? Comment below! I won’t bite (unless you want me to).