HTTPS Is Becoming Less Secure
When you visit your bank’s website, most retailers or a credit card’s website, you might notice that the address starts with “HTTPS”. The added ‘S’ stands for secure. That’s ‘Hypertext Transfer Protocol Secure’ all together. It denotes that the site you’re using is safe from hackers stealing your log-in information. While that may have been true at one time, Rohit Sethi writes for USA Today that HTTPS alone no longer provides complete security for users.
HTTPS remains a useful tool to keep users secure, but it can’t do the job alone. Hackers have already exposed some areas of weakness. In another two to five years, successful attacks on HTTPS could become so common that an entirely new structure will be needed.
When using a site with HTTPS, your data is encrypted so that no third party will be able to steal it. However, attacks have already taken place that allow hackers to bypass this security. This means that log-in information for important online accounts, like for banking sites, is easily stolen by criminals in less than a minute. For both websites and users, this poses a particular problem because both parties believe in the security HTTPS is supposed to provide.
Users must understand that an HTTPS included in a URL and a small lock icon no longer provides enough security. Fortunately, there are other ways to keep your data safe. A Virtual Private Network, VPN, is one valuable tool. It provides an extra layer of encryption for all of your browsing activity. Many VPNs contain the same type of security flaws that have been exploited in HTTPS, so do some research and find a VPN using IPsec.
Smart, safe surfing habits also go a long way in protecting your data. Unsecured wireless networks provide little security, so if you’re using one, don’t log-in to any of your online accounts. Also, consider having a credit card dedicated to online purchases. This way, if that card is compromised, a criminal won’t have access to your entire bank account and you should notice quickly.
If you’d like to improve security for any device at home or at the office, or if you need to upgrade security for your website, call Geek Rescue for help at 918-369-4335.
December 2nd, 2013