We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
TESCO Bank Site Security
optmax
Posts: 6 Forumite
The authentication page (second page) of the Tesco Bank login has links to insecure content and so the Chrome browser is suspicious reporting:
"Your connection to the site is encrypted, but Google Chrome has detected mixed content on the page. Be careful if you're entering information on this page. Mixed content can provide a loophole for someone to manipulate the page. This content could be third- party images or ads embedded on the page."
Internet Explorer has no such qualms.
I rang the Tesco Bank Interent Banking helpline (an 0845 number but that's another story...) and they jsut kept repeating "the site is secure".
Surely it is bad practice to include links to insecure content within a secure webpage?
Should I be trusting Tesco Bank's security?
"Your connection to the site is encrypted, but Google Chrome has detected mixed content on the page. Be careful if you're entering information on this page. Mixed content can provide a loophole for someone to manipulate the page. This content could be third- party images or ads embedded on the page."
Internet Explorer has no such qualms.
I rang the Tesco Bank Interent Banking helpline (an 0845 number but that's another story...) and they jsut kept repeating "the site is secure".
Surely it is bad practice to include links to insecure content within a secure webpage?
Should I be trusting Tesco Bank's security?
0
Comments
-
This is a relatively common (and minor) issue, and the actual insecurity you're seeing won't cause any problems.
The Tesco bank login page itself is fully secured and isn't loading any unsecured content (Chrome's warning is ambiguous and not entirely accurate in this instance), the warning you're seeing is simply being caused because the "Search FAQs" submit button submits any search query you enter (at the FAQ section near the bottom of the page) to an unsecured script, ie their FAQ system.
Is it a problem that the FAQ system is accessed via an unsecured connection: No.
Is it best-practice to make sure that all form submissions from a secured page are also secured so that paranoid browsers (ie Chrome) don't throw up a warning: Yes.0 -
Thanks for that nidO.
You have manged to reassure my wife whereas I had failed completely!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.3K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.4K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601.1K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards