How do I secure my email account? It shows a yellow or gold tryangle
pat of my email is secure, and part is not.Never had this problem before, and don't know how to correct it.
Isisombululo esikhethiwe
Do you get the message that some parts of the page (images) are not secure? Is your question whether you should be worried about that?
You should only be a little bit worried, I think, because:
(1) It is fairly common to have images in email messages that were embedded with HTTP addresses instead of HTTPS addresses.
(2) A normal image is not a security threat, whether it is retrieved on an open connection or an encrypted connection. (Sometimes bugs are found where an image can crash the browser and run dangerous code, but you would have noticed that!)
The potential danger with HTTP images on an HTTPS site is that some information may "leak" when Firefox requests an image -- if the image address and the main page address have the same server (e.g., mg.mail.yahoo.com or outlook.live.com). The main page set some cookies which identify your browser and entitle you to access the content you logged in to see. When fetching the image, Firefox will send the server any cookies of those cookies that are not restricted to HTTPS connections.
Here's the issue: if someone intercepts those cookies -- most likely on a public wi-fi hotspot, far less likely at home -- the interceptor could possibly try to join your session by going to the site home page and simulating your browser by submitting your cookies.
A well designed web application would recognize the hijacking attempt and terminate the session immediately, forcing you to log in again and get a fresh set of session cookies. That would foil the intruder. There may be sites that do not have that level of protection, so you may prefer not to use those on an open network connection where snooping is easy.
Funda le mpendulo ngokuhambisana nalesi sihloko 👍 0All Replies (2)
This is about mixed content present on the page. This could be about embedded images or other content that comes via an open HTTP connection.
You can check the Web Console for details.
- "3-bar" menu button or Tools -> Web Developer
- https://developer.mozilla.org/Tools/Web_Console
You can see a special padlock at the left end of the location/address bar.
- a padlock with a strike through means that mixed active content is blocked.
- a padlock with an exclamation mark attached means that mixed passive content (e.g. images) is present, but not blocked.
The shield icon, previously used for mixed active content, is now used for Tracking Protection.
Isisombululo Esikhethiwe
Do you get the message that some parts of the page (images) are not secure? Is your question whether you should be worried about that?
You should only be a little bit worried, I think, because:
(1) It is fairly common to have images in email messages that were embedded with HTTP addresses instead of HTTPS addresses.
(2) A normal image is not a security threat, whether it is retrieved on an open connection or an encrypted connection. (Sometimes bugs are found where an image can crash the browser and run dangerous code, but you would have noticed that!)
The potential danger with HTTP images on an HTTPS site is that some information may "leak" when Firefox requests an image -- if the image address and the main page address have the same server (e.g., mg.mail.yahoo.com or outlook.live.com). The main page set some cookies which identify your browser and entitle you to access the content you logged in to see. When fetching the image, Firefox will send the server any cookies of those cookies that are not restricted to HTTPS connections.
Here's the issue: if someone intercepts those cookies -- most likely on a public wi-fi hotspot, far less likely at home -- the interceptor could possibly try to join your session by going to the site home page and simulating your browser by submitting your cookies.
A well designed web application would recognize the hijacking attempt and terminate the session immediately, forcing you to log in again and get a fresh set of session cookies. That would foil the intruder. There may be sites that do not have that level of protection, so you may prefer not to use those on an open network connection where snooping is easy.