Re: Is SSL protection active without padlock in Explorer Task Bar?
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: Sat, 9 Jul 2005 06:26:00 -0700
If what Paul indicates does not lead to a secure session,
then I would have to question how well the information
is protected once on their systems, not just there choices
for getting info back and forth in a browsing session.
Sort of the rock in the stream telling one about the mountain
from which it came.
-- Roger Abell Microsoft MVP (Windows Security) MCSE (W2k3,W2k,Nt4) MCDBA "Nick" <Nick@discussions.microsoft.com> wrote in message news:927CF97B-6C58-4129-93A9-8C5CA98823A9@microsoft.com... > Thank you for your reply, Tom; > No, There is no HTTPS; in front of the URL. I forgot to mention that was > the other tipoff that there was a problem. By the way you can look the URL > if you like, it is < http://www.centerstatebank.com/ > Notice the upper > left signon box has a picture of a padlock. They say that means it is > secure. > > The Bank says that the site will be HTTPS and be secure once I enter the > signon and password. I said to them, my gut told me that if the page was not > secure when I enter the SO/PW then my signon could be compromised. They come > back that other online banking sites such as Wachovia also use this same > approach. My response to them was, that I probably would not do my online > banking with them either. > > Nick > > "Tom Pepper Willett" wrote: > > > Does the URL in the browser show as https:// .. signifying a secure > > connection. If not, I personally would not sign in. > > > > Tom > > "Nick" <Nick@discussions.microsoft.com> wrote in message > > news:A8771590-0BAD-4DD0-A687-1AF428C78FF7@microsoft.com... > > | One of my banks has gone to a new internet banking supplier. They have a > > new > > | online banking site that does not have the SSL padlock symbol displayed in > > | the explorer task bar. They have a picture of the padlock up in the > > graphics > > | next to the sign-on and password boxes displayed on their signon page, but > > | none down where I have been accustomed to looking to see if the data was > > | secure. They (the Bank) repeatedly tell me that entry is protected and > > once > > | enter my password and get into the site the padlock will be there. They > > say > > | this is safe, but I do not trust it. > > | > > | I am afraid that if the password is entered outside SSL protection that > > | could be bad. Every other banking, credit card, and business site I use > > has > > | the padlock protection symbol displayed in the task bar when the sign on > > | pages are displayed. > > | > > | CAN THEY BE TRUSTED? Of should I find another bank? > > > > > >