Comments on: Banks and https http://www.squarefree.com/2005/05/28/banks-and-https/ Jesse Ruderman on Firefox, security, and more Thu, 20 Nov 2008 08:50:57 +0000 http://wordpress.org/?v=2.5 By: MarteyDodoo.com http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1582 MarteyDodoo.com Tue, 23 Aug 2005 22:21:16 +0000 http://www.squarefree.com/?p=264#comment-1582 <strong>Online Banking with Bank of America</strong> Online banking websites like Bank of America should use SSL login pages, as non-SSL pages are not secure. ... Online Banking with Bank of America

Online banking websites like Bank of America should use SSL login pages, as non-SSL pages are not secure.

]]> By: Jesse Ruderman http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1463 Jesse Ruderman Thu, 21 Jul 2005 04:30:01 +0000 http://www.squarefree.com/?p=264#comment-1463 Faruk: no, I did not. Faruk: no, I did not.

]]> By: Faruk Avdi http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1462 Faruk Avdi Thu, 21 Jul 2005 02:57:53 +0000 http://www.squarefree.com/?p=264#comment-1462 Jesse, Did you receive a reply to your question: "What are the usability arguments against using full HTTPS?" Faruk. Jesse,

Did you receive a reply to your question: “What are the usability arguments against using full HTTPS?” Faruk.

]]> By: Phil http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1419 Phil Fri, 24 Jun 2005 15:14:57 +0000 http://www.squarefree.com/?p=264#comment-1419 Concerning Washington Mutual: If you go through their homepage, it is unsecure. However if you click "My Accounts" you will get a secure login prompt. Concerning Washington Mutual: If you go through their homepage, it is unsecure. However if you click “My Accounts” you will get a secure login prompt.

]]> By: Jesse Ruderman http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1403 Jesse Ruderman Wed, 15 Jun 2005 08:29:23 +0000 http://www.squarefree.com/?p=264#comment-1403 <a href="http://www.livejournal.com/users/jcurious/425389.html" rel="nofollow">Curious pointed out</a>: "The easist way to find the https login for a bank is to submit a badlogin, this will often give you a login page that is https" Curious pointed out: “The easist way to find the https login for a bank is to submit a badlogin, this will often give you a login page that is https”

]]> By: Rob Meyer http://www.squarefree.com/2005/05/28/banks-and-https/#comment-1376 Rob Meyer Sat, 04 Jun 2005 06:54:44 +0000 http://www.squarefree.com/?p=264#comment-1376 Sorry to soapbox; there is a lot we agree on here. Particularly the messaging. The lock icons and copy about "secure from the moment you hit the login button" are ill-concieved at best, and at times outright misleading. Granted, I don't know what the right answer is given that you need a high level of knowledge to understand the risks. I'm always more a fan of education and honesty over trying to play to the lowest common denominator and keep people in the dark. Sorry to soapbox; there is a lot we agree on here. Particularly the messaging. The lock icons and copy about “secure from the moment you hit the login button” are ill-concieved at best, and at times outright misleading. Granted, I don’t know what the right answer is given that you need a high level of knowledge to understand the risks. I’m always more a fan of education and honesty over trying to play to the lowest common denominator and keep people in the dark.

]]>