Welcome!
If you have an account, please:
Log in
Yes, it's THAT book!

Drop your email here to stay informed of the status of my "tell most" book about the National Security Agency:

--OR--

Check out the Kickstarter here (click)

--OR--

I want info first...

Fair enough. Click the thumbnail below:

Employees are allies, not the adversary
How can I help you?
Contact Jeremy
Recommendations

Here's something that


I, Jeremy Duffy, actually recommend and think is worth checking out.
No web-bugs, no bs, just a legit recommmendation that I have personally evaluated before allowing it to be listed here:

Think something's here that shouldn't be? contact me!

Using HTTPS For Secure Login and Payment Online

What It Is

Because businesses online quickly figured out that sending names, passwords, credit card details, and other sensitive information out unprotected over the Internet was a bad idea, SSL was implemented.

SSL, or Secure Sockets Layer, is an encryption technique that's already built into your browser. You can see in the screenshots for Firefox and Internet Explorer here where 1) the HTTP in the address bar is listed as HTTPS (where the S stands for "secure") and 2) there is a lock icon (at the bottom right of the window for Firefox and just to the right of the address bar for IE).

https in Firefox
https in IE

Why to Use It

Nothing on the Internet was designed with security in mind, all of it was added as an afterthought. So think about this: when you hit the "Submit" button on any webpage, you're sending data from your computer to theirs, but the Internet is a vast inter-connected web of computer systems that spans the entire globe. Somewhere between you and them could be someone monitoring the traffic.

If someone's listening in, they can look right at your data and take your name and password or any other sensitive data you sent. What happens if someone took your name and password and logged into your mail, your bank, or any other service? They could embarass you, spam people from your account, take your money, etc.

Any time you're about to log in or send form data for an account or online order, make SURE that the HTTPS is active. In some cases, you might have to use a trick or too to turn it on. As in these cases:

Case 1: Finding the option for enhanced security and clicking it.

Case 2: Using my login trick to activate security.

When to Use It

You are most at risk when using hotspots at hotels, airports, and cafe's. Consider that the hotel itself or at least all the people there have access to the wireless networking equipment you connect to. Since you are going through them for Internet, they can easily see anything and everything you send. The same goes for your Internet service provider and many of the people who work for them (though you might assume, right or wrong, that the ISP has better physical protections and auditing to prevent their employees from doing it).

Take blind faith out of the equation and make sure HTTPS is active instead!

Limitations

When you see HTTPS, it means you have a mostly secure end-to-end connection, but the first problem is that SSL isn't absolute security. It's way better than nothing, but if something you're sending is absolutely critical to you, maybe you should call it in instead.

Second, bad guys with fake websites can get SSL security too. All that happens then is you have a very secure connection between you and the guy that's going to rip you off. The first defense against this is to use my trick to avoid bogus websites in the first place.

The second tip is to just click the certificate itself to learn more about where you are. Click the colored area to the left of the address (for Firefox) or to the right of the address where the lock Icon is (for IE).

Checking to see if you have a valid secure connection in Firefox
Checking the SSL certificate in IE

This popup window shows you who the secure connection belongs to and who is validating that fact. In one, Equifax is verifying that the page you're on is Facebook.com while VeriSign is validating that you're on eBay.

Always remember to look for HTTPS whenever logging in or entering other important data online. If it's not there, maybe you should think twice about clicking SUBMIT.
internet safety Tutorial
prev: Account Hijacking|INDEX|

General Safety

Avoid fake and nasty websites with my search engine trick.
Watch out for online addiction. Getting lost in fun online activities can be just as addiction as any drug.
So you want to write, publish, or share information online? Be careful. Things you say may be lost or forgotten, but things put on the Internet never are.
Don't fall for the well-known (or the new scams either) bad guys use to trick you into give away data or money.

Account Protection

Want to make an account with some online service? Read this first!
The newest, biggest risk online? Account hijacking! Don't become a victim by allowing your account to be taken over and learn to recognize when someone else has been.
Be sure transmission security is active before entering a name, password, credit card number, or other important information online.

Share This

Have a Comment or Question?

Loading...

If you want to learn more about my professional background, click here to learn more.

Check out one of my guides/tutorials:

goodbye identity theft Tutorial
|INDEX|next: Credit Freeze

Too Late!

If you've already become a victim, here is a list of things you should do.

Solving ID Theft

Lock your credit reports with a Credit Freeze to prevent credit-based ID theft (90% of ID theft risk).
Learn to protect your information to prevent not only ID theft, but many other kinds of problems (the rest of ID theft risk).

Save Time and Money

cancel credit-monitoring services.
Cancel id-theft-insurance

Who is Responsible?

Sometimes you just have to wonder why it's so easy to steal identities in the first place.

... or check out any of my other guides and tutorials by clicking here!

How to Avoid Bogus Websites

There are bogus websites out there hoping you'll hit them by accident or using phishing to trick you into coming to them. Learn my simple trick to avoid these sites!

[Click for full description]

Online Addiction

Concerned about online addiction? You should be. Learn the types, the signs, and the preventions.

[Click for full description]

The Consequences of Posting Online

It's fun to post online. What you think, what you feel. But words typed and posted on the Internet can come back to bite you more than anything you could say with your mouth.

[Click for full description]

Tricks and Scams

Just because you won't willing give up data doesn't mean that I can't trick you out of it. Don't fall for these well known tricks!

[Click for full description]

Account Creation Tips

When you create an account with an online site, you should know a few things first.

[Click for full description]

Account Hijacking

One of the newest threats we face is the risk of someone getting control of your online account and using it against you and the people you know. Do everything you can to prevent that from happening!

[Click for full description]

Using HTTPS For Secure Login and Payment Online

Making online accounts is useful and fun, but doesn't mean much if someone can capture your login information and use it against you. Make sure to use this simple trick to prevent that from happening.

[Click for full description]

The Identity Theft Victim's Mini-Guide to Recovery

If you've already experienced ID theft, here are some tips of what to do next.

[Click for full description]

Credit Freeze

Setting a credit report freeze is the fastest and most effective way to actually block and reduce your risk of ID Theft. And it's free.

[Click for full description]

Out and About Defense

The best defense against non-credit ID Theft and a variety of other risks is to adopt a mindset of protection: Data Defense. Learn how to protect your information with simple and sometimes free countermeasures all based on a simple philosophy that the less people who have your information, the safer you are.

[Click for full description]