{"id":3099,"date":"2022-11-15T16:00:02","date_gmt":"2022-11-15T16:00:02","guid":{"rendered":"https:\/\/sectigostore.com\/blog\/?p=3099"},"modified":"2022-11-15T16:00:08","modified_gmt":"2022-11-15T16:00:08","slug":"how-to-tell-if-youre-using-a-secure-connection-in-chrome","status":"publish","type":"post","link":"https:\/\/sectigostore.com\/blog\/how-to-tell-if-youre-using-a-secure-connection-in-chrome\/","title":{"rendered":"How to Tell If You\u2019re Using a Secure Connection in Chrome"},"content":{"rendered":"\n

Whether you\u2019re a small business running your website or a website user, it\u2019s imperative you know how to check if you\u2019re using a secure connection. Here\u2019s what you can look out for in the Google Chrome browser<\/h2>\n\n\n\n

The internet is an incredible place for businesses and users alike. As a business, you can reach local or global audiences with the right keyword planning and tools. As a user, you have all of the world\u2019s information available at your fingertips. You can do everything from signing up for health care plans to making payments online with the click of a mouse.<\/p>\n\n\n\n

But whether you\u2019re a business or a consumer, you need to know that the website you own or do business with is secure. Secure means that you sent your data via an encrypted connection that no one except the two intended parties (you and the website you\u2019re connecting to) can decrypt and read it. And you certainly don\u2019t want your personal information \u2014 or that of your customers \u2014 being tampered with or stolen, do you? Of course not.<\/p>\n\n\n\n

But how can you tell whether you\u2019re using a secure connection in Chrome or an insecure one? We\u2019ll cover everything you need to know both from a website user\u2019s perspective and that of the website admin or owner.   <\/p>\n\n\n\n

Site Users: How to Tell If You\u2019re Using a Secure Connection in Google Chrome<\/h2>\n\n\n\n

Just a quick note: A lot of the same points also apply to other browsers, such as Firefox and Microsoft Edge. The only difference, in some cases, is how the different messages display.<\/p>\n\n\n\n

1. Check for the \u201cHTTPS\u201d at the Beginning of the Website\u2019s URL<\/h3>\n\n\n\n

Alright, first on our list of how to check if you’re using a secure connection in Chrome is looking for four important characters in your URL. HTTPS, which stands for hypertext transfer protocol secure, means that you\u2019re using the secure version of this data transmission protocol. When all is working as it should, an HTTPS connection (which looks like https:\/\/<\/em> at the beginning of a website URL) will secure your data as it transmits from your Chrome browser to the website\u2019s server. Otherwise, when data is in transit, it\u2019s vulnerable to interception attacks.<\/p>\n\n\n\n

\"A
Image caption: A screenshot from SectigoStore.com that shows the \u201cHTTPS\u201d that displays by default in our URL.<\/em><\/figcaption><\/figure>\n\n\n\n

Don\u2019t see it? Try clicking on the web address itself. Chrome typically opts to not display the http:\/\/<\/em> and https:\/\/<\/em> portions of the URL in the browser\u2019s address bar so you see the domain right away (i.e., sectigostore.com). But don\u2019t worry \u2014 there\u2019s another visual mark that will quickly inform you about whether you\u2019re using a secure connection in Chrome.<\/p>\n\n\n\n

Last year, Google announced that it would default to HTTPS connections<\/a> instead of defaulting to HTTP. Firefox announced something similar<\/a> for private browsing a few months later. This way, when you want to visit a website such as ours, you only have to type in \u201csectigostore.com\u201d to have it load https:\/\/www.sectigostore.com<\/em> by default instead of the insecure http:\/\/www.sectigostore.com<\/em> without having to type out the entire thing.<\/p>\n\n\n\n

2. Look for a Locked Padlock Icon in Your Web Address Bar<\/h3>\n\n\n\n

There are several visual clues that you\u2019re using a secure or insecure connection \u2014 the first on our list is a set of small graphics in your web address bar. The icons used to create the two following graphics come from Google\u2019s Chrome Support site<\/a>:<\/p>\n\n\n\n

\"A<\/figure>\n\n\n\n

A secure connection displays a grey, locked padlock icon. This icon serves as a visual representation of the security the connection affords by encrypting data in transit.<\/p>\n\n\n\n

\"A<\/figure>\n\n\n\n

An insecure connection, on the other hand, is represented in one of two ways:<\/p>\n\n\n\n

  1. A white exclamation point (!) inside a red triangle.<\/strong> This icon is typically accompanied by a message stating that the website is either not secure or is malicious\/dangerous.<\/li>
  2. A circle grey circle with a small lowercase \u201ci\u201d in the middle of it.<\/strong> The lowercase I signifies that there is information available for you to review regarding the connection. This is the most common symbol you\u2019ll see when it comes to insecure connections.<\/li><\/ol>\n\n\n\n

    The idea here is to show that your insecure connection in Google leaves your data vulnerable to theft and compromise via interception attacks (i.e., man-in-the-middle attacks).<\/p>\n\n\n\n

    So, what if you don\u2019t see the padlock icons, or the website itself is still trying to load?<\/p>\n\n\n\n

    3. Check to See If Your Browser Is Trying to Establish a Secure Connection<\/h3>\n\n\n\n

    If a website is slow to load and you don\u2019t immediately see a security padlock in your browser, it may indicate that you\u2019ve not yet connected fully to the website. In this case, it may mean that your browser is still working to establish a secure connection. This typically happens very quickly \u2014 within less than a second \u2014 but in some cases, you\u2019ll just have to wait a little longer.<\/p>\n\n\n\n

    Whenever you\u2019re trying to connect to a secure website, there\u2019s a message that will display \u2014 if you know where to look for it. This message lets you know that the browser is attempting to create a secure, encrypted connection to the website\u2019s server.<\/p>\n\n\n\n

    For fun, let\u2019s do a quick little exercise to check for a secure connection in Chrome: hover your mouse over this link<\/a> (don\u2019t click on it!) and look at the bottom-left corner of your browser window. Do you see the URL that pops up for our website? This is known as the link preview bar. This cool little feature informs you about what the browser is trying to do at any given time.<\/p>\n\n\n\n

    For example, if you hover over an image, it\u2019ll show you the URL of the link you’re mousing over. Check to see whether it has an \u201chttp:\/\/\u201d or \u201chttps:\/\/\u201d at the beginning of the website address.<\/p>\n\n\n\n

    \"A
    Image caption: A screenshot of a search result and how it sometimes displays information when you hover your mouse over a link.<\/em><\/figcaption><\/figure>\n\n\n\n

    But what if you don\u2019t see a secure connection? What if the message you see in your browser says \u201cNot Secure\u201d or \u201csecure connection failed\u201d instead? Then it means you\u2019re not securely connected and your data is at risk of compromise and\/or theft.<\/p>\n\n\n\n

    Secure Connections, While Ideal, Aren\u2019t Always Technically Required<\/h2>\n\n\n\n

    While sharing this fact may seem counterintuitive to our job of selling SSL\/TLS certificates, it\u2019s the truth. Not all websites require secure connections. For example, a blog that shares information but doesn\u2019t collect or use sensitive information (email addresses, login credentials, payment information, etc.) isn\u2019t required to be secure. However, using a secure connection is ideal and also helps websites rank better in Google searches.<\/p>\n\n\n\n

    Of course, if you\u2019re on an insecure website that you\u2019d want to see secured, you can always reach out to the web administrator and see if there\u2019s a way to get them to enable HTTPS. Otherwise, you can always try to find a different website to use.<\/p>\n\n\n\n

    Site Admins: How to Ensure Your Site Loads Secure Connections in Chrome<\/h2>\n\n\n\n

    Alright, this information is really a quick reference for website administrators and owners. This isn\u2019t for website users that are having issues loading a secure connection in Google\u2019s browser.<\/p>\n\n\n\n

    1. Use an SSL\/TLS Certificate on Your Website to Enable HTTPS<\/h3>\n\n\n\n

    An SSL\/TLS certificate is a website certificate that enables you to use HTTPS to securely transmit data. It does this by enabling your web server to verify its identity to users\u2019 browsers that want to connect to it. Once their clients know your server is legitimate and the parties share the same languages (i.e., use the same cryptographic algorithms), then they\u2019ll establish a secure connection that protects data in transit.<\/p>\n\n\n\n

    This whole process requires requesting, purchasing, and installing an SSL\/TLS certificate on your web server. This small file contains verifiable information about your organization, including its official registered name, location information, and more \u2014 all of which must be verified by another party.<\/p>\n\n\n\n

    You can get a certificate from a trusted third party known as a certificate authority that vets your organization\u2019s digital identity. Some certificates are free, but those are available only in the lowest level of validation and are commonly used in phishing attacks. The Anti-Phishing Working Group (APWG) reports that in Q1 2021<\/a>, 94.5% of certificates used in phishing attacks were domain validation certificates.<\/p>\n\n\n\n

    You see, SSL\/TLS certificates come in three validation levels:<\/p>\n\n\n\n

    1. Domain validation (DV)<\/strong><\/a> \u2014 This is the lowest level of validation, meaning that a CA only verifies you control the domain.<\/li><\/ol>\n\n\n\n
      \"A
      Image caption: A screenshot of the certificate information that displays on Amazon.com.<\/em><\/figcaption><\/figure>\n\n\n\n