Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • MSE Andrea
    • By MSE Andrea 1st Feb 17, 12:24 PM
    • 8,198Posts
    • 20,245Thanks
    MSE Andrea
    "Not secure" in Forum url
    • #1
    • 1st Feb 17, 12:24 PM
    "Not secure" in Forum url 1st Feb 17 at 12:24 PM
    Hi everyone

    You may have seen the words “not secure” in your url when visiting the forum in the last few days. This is a change Google has recently put into place for sites that don’t run on HTTPS.

    Our technical team is working on this now and you should see it disappear once the work's been rolled out.

    Thanks for your patience.

    MSE Forum Team

    Follow MSE on other Social Media:
    MSE Facebook, MSE Twitter, MSE Deals Facebook, MSE Deals Twitter, Forum Twitter, Instagram, Pinterest
    Join the MSE Forum
    Get the Free MoneySavingExpert Money Tips E-mail
    Report inappropriate posts: click the report button
    Point out a rate/product change
    Flag a news story: news@moneysavingexpert.com
Page 1
    • kwikbreaks
    • By kwikbreaks 3rd Mar 17, 10:50 PM
    • 8,642 Posts
    • 4,300 Thanks
    kwikbreaks
    • #2
    • 3rd Mar 17, 10:50 PM
    • #2
    • 3rd Mar 17, 10:50 PM
    It's worth noting that the change simply highlights the fact that the MSE login isn't HTTPS and has always been insecure not that any change made by Google has somehow made the login insecure.
    • alanq
    • By alanq 23rd Mar 17, 4:31 PM
    • 3,539 Posts
    • 2,270 Thanks
    alanq
    • #3
    • 23rd Mar 17, 4:31 PM
    • #3
    • 23rd Mar 17, 4:31 PM
    This issue also affects Firefox 52.0.1.

    https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/
    I'm a Board Guide on the Budgeting and Bank Accounts, Savings & Investments, Food Shopping and Over 50s MoneySaving boards. I'm a volunteer to help the boards run smoothly, and I can move and merge threads there. Any views are mine and not the official line of moneysavingexpert.com. Board guides are not moderators. If you spot an inappropriate or illegal post then please report it to forumteam@moneysavingexpert.com
    • Jabba_flabba
    • By Jabba_flabba 29th Apr 17, 11:30 AM
    • 52 Posts
    • 11 Thanks
    Jabba_flabba
    • #4
    • 29th Apr 17, 11:30 AM
    This really isn't about any particular browser...
    • #4
    • 29th Apr 17, 11:30 AM
    ...it's about the absence of transport layer security for sending/receiving data (and, most importantly, sending passwords).

    I'd love to know what the technical team are so busy with that justifies continuing to run this site without SSL. Sending passwords in the clear is just plain bad and inexcusable in 2017. Wireshark screenshot:



    My advice to users of this site is to make sure your MSE password isn't the same or even close to the same as the passwords you use for more sensitive sites such as your email (password reuse is generally bad anyway - but particularly worth emphasising here).

    The reason for my advice should be plain enough; if your MSE password gets stolen, say, because you've used it while being connected to e.g. open access WiFi, then it's possible the thief could then access your email.
    • DragonQ
    • By DragonQ 26th May 17, 11:50 PM
    • 1,984 Posts
    • 665 Thanks
    DragonQ
    • #5
    • 26th May 17, 11:50 PM
    • #5
    • 26th May 17, 11:50 PM
    Still no HTTPS 4 months later. Even my home website with nothing useful on it has HTTPS, it really isn't difficult to set up!
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

521Posts Today

5,720Users online

Martin's Twitter