Batu69 Posted November 24, 2016 Share Posted November 24, 2016 Following in the footsteps of Chrome it seems FireFox is testing a UI change to highlight further the dangers of password fields on non-HTTPS pages. Currently Firefox already displays a red crossed out padlock when visiting a standard HTTP page with a password field. Clicking the padlock provides a more verbose warning. Ryan Feely UX designer at Mozilla recently tweeted an update showing an even more prominent warning message at the point of submitting the insecure form data. Quote Coming soon to Firefox. We'll let you know when you go to type your password into an insecure (HTTP) page or form. — @ryanfeeley I have tested this on the current Firefox nightly build but at present this does not display. It is possible Firefox could release this before the Chrome Not Secure warning coming in Chrome 56. Article source Link to comment Share on other sites More sharing options...
luisam Posted November 24, 2016 Share Posted November 24, 2016 A nice feature, but we should take in account that actually many ordinary http websites and even blogs use passwords not for the user's security but as a way to check and control access to their sites. Many unaware users will get a scare when they'll see these warnings, just as they are currently confused when they get a warning about signature issues and problem related to "https" access. So I presume individual criteria should prevail when you see one of these striking warnings but the problem is that most Windows users DON'T HAVE criteria. Just a simple example: yesterday my brother in law called me alarmed that he got a long warning from something like "Mozilla Commander" about a collapse of Firefox. "WHAT CAN I DO NOW?". I had to explain him: nothing. Turn off the warning and restart Firefox. Next funny question was "Is Mozilla the same thing as Firefox?" Now, funny point is that this guy has been using a computer since about 25 years but he simply doesn't understand some "basics" and I firmly believe that this goes for millions of internet users. So, my feeling is that this Firefox (and Chrome) warning is a fine step toward security but I'm afraid it will create panic among unaware users. Link to comment Share on other sites More sharing options...
steven36 Posted November 24, 2016 Share Posted November 24, 2016 The thing is i keep reading that Firefox is following in the foot steps of chrome seems there going to become like Opera with a 0.53% marketshare or something Firefox is already a niche browser aimed toward the power user it only have like a 5.78 % marketshare by the end of 2017 the few left on it will be using it simply because it has the Firefox name its following in the foot steps of chrome when there's already like 20 chrome browsers out there already and see were it got Opera they ended up selling it too China and only have like a 0.53% marketshare today :P My firewall has builtin telemetry block it blocks it by default ..No matter how much stuff you disable in the settings it still trying to collect data. If it was not for my Firewall that crap would getting by i guess I'm going have to investigate and see if its someway too shut it off trough about config . Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted November 24, 2016 Administrator Share Posted November 24, 2016 This message - Logins entered on this page could be compromised - message may actually look to the users that as if the site has been hacked recently and such. Link to comment Share on other sites More sharing options...
vissha Posted November 27, 2016 Share Posted November 27, 2016 Firefox 52: Contextual Warning For Insecure Login Field We’ve told Firefox will warn you in the URL bar mentioning the connection is not secure when you visit an insecure page that has login form. Firefox 52 to show the contextual warning to users right in login fields on an HTTP page or form if you try to type username or password : ‘This connection is not secure. Logins entered here could be compromised. This feature is currently disabled by default, you can test this changing security.insecure_field_warning.contextual.enabled to true and signon.autofillForms.http to false. Firefox 51: Mozilla turns on Insecure Password Warning Source Link to comment Share on other sites More sharing options...
Batu69 Posted November 27, 2016 Author Share Posted November 27, 2016 Topic moved from software news forum & merged. Link to comment Share on other sites More sharing options...
luisam Posted November 27, 2016 Share Posted November 27, 2016 10 hours ago, vissha said: Firefox 52 to show the contextual warning to users right in login fields on an HTTP page or form if you try to type username or password : ‘This connection is not secure. Logins entered here could be compromised. This feature is currently disabled by default, you can test this changing security.insecure_field_warning.contextual.enabled to true and signon.autofillForms.http to false. Good to know. For most users best option is to KEEP IT disabled. I feel, that this note should be recorded and if Firefox should decide enable it by default might help many alarmed users... disabling it Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.