Firefox to Add "In Your Face" Warnings About Insecure Login Pages

[Dirk41]

Mozilla engineers are preparing a very intrusive, but quite useful method of warning users that they're about to enter sensitive passwords and login via an insecure HTTP connection.

Ryan Feeley, a user experience designer for Mozilla Toronto, provided this week a preview of an upcoming Firefox feature on Twitter.

"We’ll let you know when you go to type your password into an insecure (HTTP) page or form," Feeley wrote on Twitter, and posted the following image.

Firefox already warns users of passwords sent via insecure HTTP
The warning Feeley teased is much more intrusive compared to the UI Firefox uses today, which only consists of a two-stage dropdown panel that appears only when users click on the "ⓘ" icon shown to the left of the browser's address bar.

Firefox was the first browser to warn users by default when entering credentials on HTTP pages. Mozilla introduced this feature in Firefox 44 Nightly.

Feeley explained on Twitter that the warning's wording might change in the future, as many users thought the default text of "Logins entered here could be compromised" was too alarmist.

Mozilla designers used the same wording when they first added the first HTTP login warning to Firefox 44 Nightly, but they eventually removed it in the Firefox 44 Stable branch.

New UI is much more visible compared to the current warning system
This proposed "in your face" warning makes a lot of sense, since it's been known for years that HTTP traffic is sent in cleartext and can be intercepted through multiple methods.

Scaring users and shaming sites might be a controversial method of advancing the state of Internet security, but the advantages to privacy and personal security are palpable.

 

[Cohen]

I'm currently using Nightly and this is what I get on insecure login pages :

 

[Dirk41]

I'm currently using Nightly and this is what I get on insecure login pages :

They say they have not set it yet

 

[Net Centric]

Another reason I have stopped updating Firefox. I cannot think of a single thing they have done IN SEVERAL YEARS that improved the end user experience. I can think of many that have made it worse.

They seem to think that if they were in the car business and sold you a car they can then tell you where you can drive that car. It is truly the most bizarre product/consumer experience I have ever had in my 63 years.

Sigh. Straw and the camel time I guess. Finally time to move on. Hopefully I can find a less "police state" browser out there without too much hassle.

 

[AtlBo]

Wait a minute, Net Centric. You have given us all an idea . What about Police State Browser? Think of all the options that can be denied users. One home page, Police State Control Panel. Next to wait in line to attend the latest pro PSB rally site. Upon completing the required hails in the chat window, it's time to do service for the good of all. From one message to another PSB takes you automatically to sites where you can boast of its greatness to all. Yes, Police State Browser, the next great thing...

 

[DardiM]

Thanks for the share

Looking if the https is present when we have to enter important data on webpage, is the minimum of security that all user may be aware of
(I know some people that lost money this way, on fishing website)

Wait a minute, Net Centric. You have given us all an idea . What about Police State Browser? Think of all the options that can be denied users. One home page, Police State Control Panel. Next to wait in line to attend the latest pro PSB rally site. Upon completing the required hails in the chat window, it's time to do service for the good of all. From one message to another PSB takes you automatically to sites where you can boast of its greatness to all. Yes, Police State Browser, the next great thing...

One day, the "control parental" tool will become => "citizen control" tool, for "your well-being"

 

[AtlBo]

I forgot to mention the State Grid, the official State monitoring system of Police State Browser and which is conducting official business "behind the scenes". Simple identification issues of possible anti-State actvities and small corrections to the choices of those using competitor browsers. Simple hacks declaring to all users on a website with the proper State hails of the greatness of Police State Browser.

 

[frogboy]

Hopefully Cyberfox will carry on it's tradition of not implementing some of the more silly things Firefox implements.

 

[Net Centric]

Hopefully Cyberfox will carry on it's tradition of not implementing some of the more silly things Firefox implements.

I'll give Cyberfox a try thanks.

 

[ForgottenSeer 55474]

I dropped Firefox, not for security reasons but for speed, I have Pale Moon installed instead, always my standard browser is an always be Google Chrome

 

[Cohen]

I dropped Firefox, not for security reasons but for speed, I have Pale Moon installed instead, always my standard browser is an always be Google Chrome

You should try out Firefox Developer or Nightly, they've added multiprocess which makes it a lot faster.
One of the reasons I couldn't use Firefox for a long time was also speed, then I tried out Nightly and have been hooked since.

 

[JohnBRogers]

I also recommend Nightly! I hated most of the browsers for their speed, but ever since Nightly I haven't thought about changing to something else.