Understanding Web Site Certificates
Are you planning to purchase something online or do you login often using public Wi-Fi?
What you need to check before entering your credentials or credit card details is the so called Website Certificate!
What are web site certificates and how do I protect myself?
Website certificate means that the site encrypts the traffic between your PC and the internet while entering your credentials. Two components that indicate that a site uses encryption:
- A lock located at the top of the browser
- A URL that begins with https: and not http:
If a web site has a valid certificate it means that a certificate authority has taken steps to verify that the web site belongs to that organization. Your browser do the following checks:
- The web site address matches the address on the certificate
- The certificate is signed by a certificate authority
- The certificate is not expired
If the browser senses a problem will present you a box that there is an error with the site certificate. Usually you have the option to accept the certificate manually which is not recommended if you are not 100% positive is the correct website.
How do you check if a certificate is valid?
One option is to click on the lock icon to find more information about the certificate including the following:
- Who issued the certificate - You should make sure that the issuer is a legitimate trusted certificate authority
- Who the certificate is issued to - The certificate should be issued to the organization who owns the web site.
- Expiration date - Most certificates are issued for one or two years.
- Some organizations have their own certificate authorities
Remember do not submit your information over non secure connections otherwise your data will be in clear text and whoever hacker spies the network will steal your username, password or even your credit cards.
Tip of the month is brought to you by