Check Any Web Site's Encryption Safety

toggle-button

If you're about to type private information (password, bank account details etc) into a web site, it's always a good idea to take a glance at your browser's address bar first. Does the address of the page start with https rather than just http? If so, it means that the site is encrypted and so it's much more difficult for a hacker to be intercepting your data.

To enable the use of encryption, the web site operator needs to apply for something called an SSL Certificate, which is a small text file that verifies their identity. They then need to install this file on their server. The certificate is only granted once the web site operator has proved their identity to the trusted company that issues certificates. And certificates generally expire after a year or 2, after which they need to be re-requested.

SSL Tools encryption check windowTo check the validity of any web site whose security you're concerned about, and which uses https, head to https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp in your web browser and enter the address of the web site. It will verify that the SSL certificate used by the site is current and valid, and will also give you additional information about any other major vulnerabilities on the site.

If you run a web site that uses SSL, you can also use the system to check that your certificate is working correctly.

Please rate this article: 

Your rating: None
4
Average: 4 (16 votes)
toggle-button

Comments

Any extension would work better.

What does this mean?

I mean that if you often have to check the sites safely, visiting another isn't as comfortable as having a browser extension that would check this automatically.

There's an even easier way if you use Firefox of Chrome (and maybe, Opera, too). Go to the Electronic Frontier Foundation (eff.org) and on the right side, look under "Projects". Download/install their HTTPS EVERYWHERE add-on (https://www.eff.org/https-everywhere). It forces HTTPS to be used EVERYWHERE. Only trouble is, it doesn't work in MS IE 11.

Yes it does Force HTTPS, and judging from users often showing up at Mozillazine for help because they can't access sites, it's a major PITA ;) Not recommended. Uninstall.

The question is: where are these folks going??? I've never had a problem with it, but OTOH, I don't go to questionable sites. Of course, everyone's MMV. It works for me and the people I know. Without knowing the sites those other folks are going to, I don't see how you can make your statement.

I have no idea what your interpretation of "questionable sites" is.. @Hint, the key word is 'force' ;)

It occurs to me that if you have cause to doubt the security of the information you're entering, maybe you shouldn't be entering it? This site would help limit the risks for even slightly suspicious sites, but avoiding them works much better.

Thanks this is great for a quick as a user but for the Pros (e.g. webmasters, power users) I can highly recommend this site https://www.ssllabs.com/ssltest/

I entered the URL of one of the bank sites I use regularly and this site tells me "The certificate installation checker connected to the web server, but it could not read the web server's certificates." Should I be concerned? This is for the largest bank in Australia.