How do I tell if my connection to a website is secure?
Revision Information
- Revision id: 193167
- Created:
- Creator: AliceWyman
- Comment: edits to Intro warning, "yellow warning triangle" section
- Reviewed: Yes
- Reviewed:
- Reviewed by: AliceWyman
- Is approved? Yes
- Is current revision? No
- Ready for localization: No
Revision Source
Revision Content
The Site Identity button (a padlock) appears in the address bar to the left of the web address, when you visit a secure website. You can quickly find out if the connection to the website you are viewing is encrypted, and in some cases who owns the website. This should help you avoid malicious websites that are trying to obtain your personal information.
Most commonly, when viewing a secure website, the Site Identity button will be a green padlock gray padlock .
However, in a few cases you may see no padlock, a gray padlock with a yellow warning triangle or a gray padlock with a red strike over it .
Table of Contents
Green padlock
A green padlock (with or without an organization name) indicates that:
- You’re definitely connected to the website whose address is shown in the address bar and the connection hasn’t been intercepted.
- The connection between Firefox and the website is encrypted to prevent eavesdropping.
A green padlock plus the name of the company or organization, also in green, means this website is using an Extended Validation (EV) certificate. An EV certificate is a special type of site certificate that requires a significantly more rigorous identity verification process than other types of certificates.
Gray padlock
A gray padlock indicates that:
- You’re definitely connected to the website whose address is shown in the address bar and the connection hasn’t been intercepted.
- The connection between Firefox and the website is encrypted to prevent eavesdropping.
Click the gray padlock to find out if the website is using an Extended Validation (EV) certificate. An EV certificate is a special type of site certificate that requires a significantly more rigorous identity verification process than other types of certificates.
For sites using EV certificates, the legal company or organization name and location of the website owner displays when you click the gray padlock.
Gray padlock with yellow warning triangle
A gray padlock with a yellow warning triangle indicates that the connection between Firefox and the website is only partially encrypted and doesn't prevent eavesdropping. By default, Firefox does not block mixed passive content, such as images; you will simply see a warning that the page isn't fully secure. For more information, see Mixed content blocking in Firefox.
A gray padlock with a yellow warning triangle also appears for website certificate warnings, such as for sites with self-signed certificates or certificates that aren’t issued by a trusted authority. This is a problem the site developer needs to resolve.
Gray padlock with a red strike over it
A padlock with a red strike over it indicates that the connection between Firefox and the website is either unencrypted or only partially encrypted. The connection doesn’t prevent against eavesdropping or man-in-the-middle attacks. This icon only appears if you’ve manually deactivated mixed content blocking or if you visit an unencrypted (HTTP) page where a username or password can be entered.
A padlock with a red strike over it indicates that the connection between Firefox and the website is either delivered using an insecure protocol (HTTP or FTP) or that it is only partially encrypted because you've manually deactivated mixed content blocking. The site doesn't prevent against eavesdropping or man-in-the-middle attacks.