Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

Yahoo "lock" showed DigiCert, then suddenly changed to Equifax

  • 4 antwurd
  • 4 hawwe dit probleem
  • 5 werjeftes
  • Lêste antwurd fan Boudica

Boudica
Boudica
more options

This just occurred during the past few days. I never saw Equifax shown as the verification reference for the "locked" (secure) website before (the little padlock). I blocked some of the cookies on Yahoo, and now it is showing DigiCert again. Does anyone know why this would have changed? Everything else on the webpage is "normal" including the sign-in seal.

Is this a security issue??

This just occurred during the past few days. I never saw Equifax shown as the verification reference for the "locked" (secure) website before (the little padlock). I blocked some of the cookies on Yahoo, and now it is showing DigiCert again. Does anyone know why this would have changed? Everything else on the webpage is "normal" including the sign-in seal. Is this a security issue??

Keazen oplossing

The log in page has a different certificate issuer that the Yahoo main page.

  • Login page: DigiCert High Assurance CA-3
  • Yahoo main page: Equifax Secure Certificate Authority

That might base caused by adding support for a secure connection to the main Yahoo page at a later time and choosing to use a certificate from a different CA. There is nothing to worry about although you would expect an EV certificate from a large company like Yahoo for at least the log in page to increase the trust and confirm the identity.

Dit antwurd yn kontekst lêze 👍 1

Alle antwurden (4)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Did you check via the right-click context menu on the web page if that web page possibly got opened in an (i)frame?

Were you using a bookmark or did you navigate to this page starting with the Yahoo home page?

Boudica
Boudica Fraacheigener
more options

This occurs when I go to the Yahoo website, and from there I click on the "sign in" as I have always done. Today, the website (padlock) showed Equifax, and when I went to the "sign in" menu, it showed DigiCert. Apparently both of them are "secure" (??).

Thank you for the suggestion, cor-el.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Keazen oplossing

The log in page has a different certificate issuer that the Yahoo main page.

  • Login page: DigiCert High Assurance CA-3
  • Yahoo main page: Equifax Secure Certificate Authority

That might base caused by adding support for a secure connection to the main Yahoo page at a later time and choosing to use a certificate from a different CA. There is nothing to worry about although you would expect an EV certificate from a large company like Yahoo for at least the log in page to increase the trust and confirm the identity.

Boudica
Boudica Fraacheigener
more options

Thank you cor-el, for the explanation. I was concerned since I had not previously noted any reference to Equifax. Your help is most sincerely appreciated.