Registration

Create an account with us
and buy SSL certificates
for the lowest price on the web

My Account

You entered a wrong email
address or password

REGISTRATION SUCCESSFUL

Thank you for registering with CyberSSL.com.

01 April 2015

by CyberSSL.com

Back to Blog

Google improves security warnings design

Google improves security warnings design

Users become to ignore the Secure Sockets Layer’s warnings. This unsecure behavior challenged Google researchers to work on the alerts’ design that will make end-users to be more careful to visit unsecure sites.

Secure Sockets Layer protects end users’ online working sessions in different fields, from business level to personal correspondence, encrypting their connection and securing their sensitive data. When an end-user accesses an unsecure web site, the web browsers display SSL security warning. It may be a warning of a server-failed authentication, a site with a weak encryption or even a malicious attack.

Which alert is the best one?

A good SSL alert

must supply understandable instructions,
contain simply text
be brief
contain a simply design
transmit a comprehensive message

Google focused on three major comprehension points:

Visitors’ comprehension of the warning source;
Sensitive data that could be put to the risk;
The probability of perception of a false positive warning.

The result of the working team’s years of research is an alert’s design that is simple and visually easy to understand by the end-users, that is the best choice for their security.

The text is shorter and less technical, in order to read until the end of the warning message and an “Advanced” button was added bellow. This button shall give a more technical explanation of the issued problem.

This improved warning message shall guide end-users to make an intelligent and quick decision, which is do not go forward to a potentially dangerous malicious site, but go back to safety.

Nevertheless, site visitors may ignore Google security warnings, leave the browser and ignore other SSL security warnings, visiting the website anyway.

In the result of Google implementation of the new warning alert, it seems to be an improved end users’ security behavior.

However, there is a lot of work to do in this field. First and foremost, end-users have to educate themselves on SSL web-sites security provision.

August, 16

5 Common Myths About SSL

Nowadays, getting an SSL certificate is becoming mandatory as its popularity is increasing every year. It is one of the best ways to secure your website and protect all the data transferred between your website and the end-user

Read more
June, 13

Patch your mail server now! An EXIM vulnerability allows to run commands as root.

There are more than 4 millions mail servers affected by the new vulnerability (CVE-2019-10149) RCE in Exim.

Read more
November, 22

Windows 10: Defender Antivirus will be running in a sandbox

Windows Defender will also be able to run in a sandbox, meaning that it will be isolated from the rest of the system, increasing security in the event of potential attacks. Windows 10 users can already try the feature.

Read more
November, 10

Disclosure of the IP address: Tor browser unsafe

The Tor browser unmasks the user's IP address under certain circumstances - so surfing anonymously is out of the question.

Read more

Products

For Partners

Resources

Support

Google improves security warnings design