Page Encrypted Warnings in Firefox

About Page Encryption

• Websites that accept or display sensitive information may encrypt their pages so that hackers can't eavesdrop on your computer's communication and intercept your data. When you browse to an encrypted page, your browser accepts the encrypted data, decrypts the page for display, then re-encrypts any data you send to the website from that page. Sign-in pages and credit card forms are common examples of encrypted pages. In addition, a page may combine encrypted elements, such as a sign-in form, with unencrypted elements by using frames or JavaScript.

Firefox Warnings

• Firefox can display a warning message when you open or leave an encrypted page, as well as when you open a page that includes both encrypted and unencrypted elements. In addition, Firefox can warn you when you submit a form that isn't encrypted and when the encryption used on a page is weak. Each of these warnings begins with the heading, "Security Warning." By default, Firefox 4 and later display a warning the first time you view or leave an encrypted page and every time you view insecure, unencrypted forms and pages containing mixed content.

Disabling Security Warnings

• The easiest way to disable a "Security Warning" message in Firefox is to deselect the check box when you see the message itself. This will ensure you won't see future messages of that type. For example, if you uncheck the "Alert me whenever I am about to view an encrypted page" check box in any encrypted page warning and click OK, you will no longer see a warning when you view an encrypted page.

Enabling Security Warnings

• You can also toggle each warning message in Firefox 4 and later using its configuration page. First navigate to the configuration page by typing "about:config" into the Firefox address bar. Make sure the list of settings is displayed alphabetically by preference name, then scroll to the settings beginning with "security. warn":

  security. warn_entering_secure
  security. warn_entering_secure. show_once
  security. warn_entering_weak
  security. warn_entering_weak. show_once
  security. warn_leaving_secure
  security. warn_leaving_secure. show_once
  security. warn_submit_insecure
  security. warn_submit_insecure. show_once
  security. warn_viewing_mixed
  security. warn_viewing_mixed. show_once

  Double-click the setting you want to toggle it between "true" (on) and "false" (off). Settings marked "show_once" will only display the warning the next time you view a page of that type unless you select the check box in the warning.

Site Identity Button

• Even if you disable all security warnings in Firefox, you can determine whether a page is encrypted by using the Site Identity Button to the immediate left of the location bar containing the site's URL. If the button is gray or displays only the site's icon, the page is not encrypted. If the button is blue, the page is encrypted but includes only basic identity information. If the button is green, the page is encrypted and uses an enhanced certificate for better identity verification. You can click the Site Identity Button at any time to see all available information on the site and its security.