My problem with jacquielawson.com

SwamiSwami Member
edited August 2014 in Mac

I have been a member at this (jacquielawson.com) site for many years. However, when I recently tried to log in I got the below 1Password warning. (see attached file).

I wrote to them:
"I get this message whenever I try to log in now. Such a message never came up previously. Why is the page not secure now a days? I feel uneasy to use your service."

This is their (jacquielawson.com) reply:
"Please note that the payment portion of our site uses 128-bit SSL 3.0 with 128 bit encryption to encrypt the payment and personal information submitted on our site. This type of encryption is considered a ?High? level of protection. If you right click anywhere on the light blue (on the left hand, or right hand) portion of our payment page, and then select Properties from the menu that pops up, it will also tell you whether or not a web page is secure, and the type of encryption it uses to protect your information. It will list information about the encryption of our site next to the Connection field."

My question is if the login page is not secure then is it not true that someone can know my email and password. And therefore the site is really not secure.

image

Comments

  • JasperJasper

    Team Member

    Hi @Swami,

    A website address begins with either "http" or "https". The "s" at the end of https indicates that the webpage uses a secure connection. That warning is telling you that when you saved the login for that site, it was a secure login page (https), but the page you're trying to fill is not secure (http).

    The login form on the homepage of that website is not secure. If you look at the URL, it uses HTTP (insecure) rather than HTTPS (secure).

    However, that website does have a secure login page available: https://www.jacquielawson.com/logon.asp

    We recommend you use that secure login page instead.

    It's unfortunate that website doesn't use HTTPS on their homepage as well, since there is a login form there too. When an insecure connection is used, this exposes you to man-in-the-middle attacks. A malicious attacker in a privileged position could steal your login information, including your username and password.

    Please let us know if you have any other questions. We're always happy to help! :)

  • SwamiSwami Member

    Thanks Jasper for your crystal clear explanation.
    Best wishes, Swami

  • JasperJasper

    Team Member

    You're welcome! Please let us know if you have any other questions. We're always happy to help! :)

This discussion has been closed.