Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How do I get 128-bit encryption in Firefox 4.0 for a financial website?

  • 18 replies
  • 282 have this problem
  • 1 view
  • Last reply by juloneil

more options

I need 128-bit encryption capability on my web browser in order to use a specific financial website for bill paying, The site's encryption test shows that Firefox 4.0 (newly installed) does not provide that level of security. Help?

I need 128-bit encryption capability on my web browser in order to use a specific financial website for bill paying, The site's encryption test shows that Firefox 4.0 (newly installed) does not provide that level of security. Help?

Chosen solution

Firefox will match the level of encryption the website uses, and Firefox is capable of higher encryption than 128-bit (256-bit if that is what the website uses).

Read this answer in context 👍 13

All Replies (18)

more options

Chosen Solution

Firefox will match the level of encryption the website uses, and Firefox is capable of higher encryption than 128-bit (256-bit if that is what the website uses).

more options

@the-edmeister. Does this "match" occur synchronously with input to the website or is some other means needed? Thank you.

more options

It depends on which order the server offers. If the server offers 128 bit with a higher priority that 256 bit then Firefox will only select 256 bit if you would disable the 128 bit ciphers.

See also https://www.fortify.net/cgi/ssl_2.pl

more options

@cor-el. Sorry, but I'm a novice using technology so your reply has confused me totally. Can you possibly simplify your answer for me? Thanks.

more options

Firefox 4 for MAC does not work with the US government's security screening site: www.opm.gov/e-qip. Is there something I need to do on my end to let the e-qip site know that 128-bit high encryption is supported??

I get the following warning when e-qip tests my browser. Then I get kicked out.

Warning - We did not detect that your web browser supports 128-bit high encryption. If you have trouble connecting after you click the "Continue" button below, you will need to upgrade your web browser to a version that supports 128-bit encryption.

Thank you

more options

Did you try to click the Continue button to see if that works?

Works for me with an AES-256 bit connection.

more options

I think the www.opm.gov site may be looking for the U that was in the Firefox 3.6 and earlier useragents as it was one of the things removed in Firefox 4.0 and newer useagents. The site says it recognizes the browser but does not detect that your web browser supports 128-bit high encryption which contradicts.

The "U" stands for "USA" (for the version with 128-bit encryption) (since 1996).

more options

Looks like you are right on that James!
Indeed adding "U;" to the user agent makes the red cross and the warning disappear.

That is however not the proper way to test for the presence of a feature.

more options

I get the following error message at the Texas Dept. of Licensing site : Browser 128-Bit SSL Verification Page

Browser Problem! Your Firefox 4.0.1 web browser has 0-Bit Encryption enabled.

This application requires a 128-Bit Encryption web browser, and so it cannot be used by your current browser.

You will need to download a recent version of Microsoft Internet Explorer or Netscape Navigator with 128-Bit Encryption Strength in order to use the secure online payment system.

more options

where do you type "U" ?

more options

You can see the current user agent on the Help > Troubleshooting Information page.

You can try to add "U;" via variations like these for the user agent setting via the pref general.useragent.override to see if that works.
If you update Firefox then you need to adjust the Gecko and Firefox version to reflect the currently installed version.

  • Mozilla/5.0 (Windows NT 6.0; U; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
  • Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:2.0.1) Gecko/20100101 Firefox/4.0.1

Modified by cor-el

more options

is there an upgrade in the works to fix this

more options

To fix what? .. to put back the U because of a the few websites outdated browser sniffing methods looking for the U in useragent?

more options

I don't know, and I don't know if it is only a few. I presume there was a reason for taking the U out. Perhaps to improve some other functionality. As of now, the credit card website where I encountered the problem cannot verify the ability of Firefox to use 128 encryption and requires that the user certify that his browser is capable. In that way they offload the responsibility for the maintaining security of the user's data back to the user.

more options

It is the consequence of removing as much data as possible from the user agent and only leave the bare minimum.

more options

Does anyone know where to look in Firefox to see if a website HAS SSL encryption? I've come across a site that claims it has encryption, but in other browsers there is a lock icon that indicates this is true and you can check the encryption certificate there. Where is this in Firefox? I looked on http://www.ssl.com and they said Firefox has a lock on the lower left of the status bar. However there is NO status bar in my version of Firefox, no matter how far down I go. (I'm running v 10.0.2, so I think that's the latest and greatest, right?) I'm reasonably sure Firefox would display such an indicator, but I just can't seem to find it. Any suggestions?

more options

In Firefox 4 and later you no longer have the Status bar that showed the padlock in previous Firefox versions.
The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.
So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.
The functionality of the padlock has been replaced by the How do I tell if my connection to a website is secure? on the left end of the location bar.

See also:

more options

This was incredibly helpful to me. Also, I found a spot on the mozilla website that might be helpful to others, as it illustrates what this looks like. Hopefully this link will work for you, too. Try it and see if this is what you're after: http://support.mozilla.org/en-US/kb/Site%20Identity%20Button