Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Can personal info/accts be accessed when moving from an http to an httsp page on a website?

more options

Making purchase on a website, once you've chosen your items and start to move to check out to register your personal information/account information (or stored personal/account information) you may be moving from an HTTP to an HTTSP page/site. Does this give users the opportunity to more easily access your private information on those sites? If so, what can be done to reduce the likelihood of this happening. Thank you.

Making purchase on a website, once you've chosen your items and start to move to check out to register your personal information/account information (or stored personal/account information) you may be moving from an HTTP to an HTTSP page/site. Does this give users the opportunity to more easily access your private information on those sites? If so, what can be done to reduce the likelihood of this happening. Thank you.

Alle antwoorden (1)

more options

When your browser requests an HTTP page, it is sent in "clear text" meaning that it is not encrypted and could be intercepted and read along the way.

When your browser requests an HTTPS page, it first creates a secure connection with the server, and the browser and server agree on how to encrypt the communications between them. Assuming that everything is working correctly, the data sent to and from an HTTPS page cannot be read by anyone else.

It is fairly common for websites to use HTTP until the point that you need to submit sensitive data, such as your login, at which point they switch to HTTPS. If you want to submit your login on an HTTPS page rather than trusting the site to do it right, you can enter an invalid login such as asdf for both the username and password. Usually the "try again" page will use HTTPS so then you can be sure the login is being sent through an encrypted connection.

Now... the encryption only operates between your browser and the server. On the server end, the data is readable, and on your browser, the data is readable. Therefore, you still want to make sure you trust your add-ons and other software on your computer since they have access to the actual data you enter and receive back.

Finally, it's a good idea to sign out of the site after you complete your transaction, and close the window you used to access it. This makes it less likely that someone else with access to your computer can poke around in your account.