How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
December 1, 2017 2,095,710 views
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything Encryption
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
November 2, 2018 1,733,613 views
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefox
December 3, 2018 1,206,995 views
Re-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phones
September 30, 2017 1,012,795 views
Re-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
November 9, 2018 736,954 views
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
October 7, 2017 491,242 views
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber Security
How to fix the SSL_ERROR_RX_RECORD_TOO_LONG Firefox Error
October 30, 2018 478,433 views
How to fix the SSL_ERROR_RX_RECORD_TOO_LONG Firefox Error
in Everything Encryption
The Difference Between Root Certificates and Intermediate Certificates
June 26, 2019 474,340 views
The Difference Between Root Certificates and Intermediate Certificates
in Everything Encryption
The difference between Encryption, Hashing and Salting
December 19, 2018 436,340 views
The difference between Encryption, Hashing and Salting
in Everything Encryption
Rehash: How to Fix the SSL/TLS Handshake Failed Error
November 3, 2020 414,412 views
Rehash: How to Fix the SSL/TLS Handshake Failed Error
in Everything Encryption
How to Remove a Root Certificate
October 28, 2020 396,747 views
How to Remove a Root Certificate
in Everything Encryption
This is what happens when your SSL certificate expires
June 4, 2019 370,985 views
This is what happens when your SSL certificate expires
in Everything Encryption
How strong is 256-bit Encryption?
May 2, 2019 361,263 views
How strong is 256-bit Encryption?
in Everything Encryption
The 25 Best Cyber Security Books — Recommendations from the Experts
December 18, 2020 332,757 views
The 25 Best Cyber Security Books — Recommendations from the Experts
in Hashing Out Cyber Security Monthly Digest
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings
May 7, 2019 299,529 views
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything Encryption
Browser Watch: SSL/Security Changes in Chrome 58
April 21, 2017 292,771 views
Browser Watch: SSL/Security Changes in Chrome 58
in Industry Lowdown
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
September 23, 2017 279,063 views
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything Encryption
Taking a Closer Look at the SSL/TLS Handshake
April 30, 2019 272,750 views
Taking a Closer Look at the SSL/TLS Handshake
in Everything Encryption Monthly Digest
Executing a Man-in-the-Middle Attack in just 15 Minutes
April 29, 2021 250,800 views
Executing a Man-in-the-Middle Attack in just 15 Minutes
in Hashing Out Cyber Security updated
How to View SSL Certificate Details in Chrome 56
January 30, 2017 224,291 views
How to View SSL Certificate Details in Chrome 56
in Industry Lowdown
Social Engineering Statistics 2025: When Cyber Crime & Human Nature Intersect
June 20, 2025 1
Social Engineering Statistics 2025: When Cyber Crime & Human Nature Intersect
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
Chrome: New SSL Certificates Can’t Support Client Authentication Starting June 15, 2026
June 10, 2025 0
Chrome: New SSL Certificates Can’t Support Client Authentication Starting June 15, 2026
in Beyond Hashed Out Hashing Out Cyber Security
Monitoring Should Take Center Stage as Let’s Encrypt Abandons SSL Expiration Notifications
June 2, 2025 0
Monitoring Should Take Center Stage as Let’s Encrypt Abandons SSL Expiration Notifications
in Beyond Hashed Out Industry Lowdown
CISO Survival Guide: 8 Cyber Security Challenges & How to Navigate Them
April 29, 2025 0
CISO Survival Guide: 8 Cyber Security Challenges & How to Navigate Them
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
Microsoft to Enforce Bulk Sender Authentication Requirements Starting May 5
April 24, 2025 0
Microsoft to Enforce Bulk Sender Authentication Requirements Starting May 5
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
Industry to Shift to 47-Day SSL/TLS Certificate Validity by 2029
April 14, 2025 0
Industry to Shift to 47-Day SSL/TLS Certificate Validity by 2029
in Beyond Hashed Out Industry Lowdown
By the Numbers: 50 Cyber Crime Statistics for 2025
March 27, 2025 0
By the Numbers: 50 Cyber Crime Statistics for 2025
in Hashing Out Cyber Security Monthly Digest
SSL and TLS Versions: Celebrating 30 Years of History
March 17, 2025 0
SSL and TLS Versions: Celebrating 30 Years of History
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
X9’s New PKI System Is Purpose-Built for the Financial Industry
February 28, 2025 0
X9’s New PKI System Is Purpose-Built for the Financial Industry
in Beyond Hashed Out Industry Lowdown Monthly Digest
9 Essential Tips for Businesses Responding to  Consumer Privacy Requests
February 13, 2025 0
9 Essential Tips for Businesses Responding to Consumer Privacy Requests
in Beyond Hashed Out Hashing Out Cyber Security
6 Updates to Know About Mark Certificates and BIMI
January 29, 2025 0
6 Updates to Know About Mark Certificates and BIMI
in Beyond Hashed Out Industry Lowdown Monthly Digest
WHOIS Domain Control Validation Will Phase Out Starting Jan. 8
January 6, 2025 2
WHOIS Domain Control Validation Will Phase Out Starting Jan. 8
in Beyond Hashed Out Industry Lowdown Monthly Digest
10 Phishing Awareness Tips to Keep the Grinches Away
December 23, 2024 1
10 Phishing Awareness Tips to Keep the Grinches Away
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
What Is PKI as a Service (And Why Do I Need It)?
December 9, 2024 0
What Is PKI as a Service (And Why Do I Need It)?
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
How to Set Up BIMI and a Mark Certificate to Display Your Email Logo
December 3, 2024 0
How to Set Up BIMI and a Mark Certificate to Display Your Email Logo
in Beyond Hashed Out Featured Posts Hashing Out Cyber Security Monthly Digest
Which Browsers Still Use the Security Padlock Icon?
November 25, 2024 1
Which Browsers Still Use the Security Padlock Icon?
in Beyond Hashed Out Hashing Out Cyber Security
TLS 1.0 Inches Closer to Full Retirement (Nearly a Decade Later)
November 11, 2024 0
TLS 1.0 Inches Closer to Full Retirement (Nearly a Decade Later)
in Beyond Hashed Out Hashing Out Cyber Security
Common Mark Certificates Make It Easier to Display Your Logo in Gmail 
October 30, 2024 0
Common Mark Certificates Make It Easier to Display Your Logo in Gmail 
in Beyond Hashed Out Hashing Out Cyber Security Industry Lowdown
What Is mTLS? A 4-Minute Look at TLS Mutual Authentication
October 22, 2024 0
What Is mTLS? A 4-Minute Look at TLS Mutual Authentication
in Hashing Out Cyber Security Monthly Digest
20 Ransomware Statistics You’re Powerless to Resist Reading [Updated for 2024]
October 14, 2024 7
20 Ransomware Statistics You’re Powerless to Resist Reading [Updated for 2024]
in Beyond Hashed Out Hashing Out Cyber Security Monthly Digest
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
November 2, 2018 333
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber Security
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
December 1, 2017 157
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phones
September 30, 2017 143
Re-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything Encryption
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
May 26, 2020 118
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificates
This is what happens when your SSL certificate expires
June 4, 2019 114
This is what happens when your SSL certificate expires
in Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
October 7, 2017 107
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber Security
Report it Right: AMCA got hacked – Not Quest and LabCorp
June 5, 2019 81
Report it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefox
December 3, 2018 75
Re-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
November 9, 2018 64
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything Encryption
The Difference Between Root Certificates and Intermediate Certificates
June 26, 2019 49
The Difference Between Root Certificates and Intermediate Certificates
in Everything Encryption
The difference between Encryption, Hashing and Salting
December 19, 2018 47
The difference between Encryption, Hashing and Salting
in Everything Encryption
Re-Hashed: How To Disable Firefox Insecure Password Warnings
October 28, 2017 44
Re-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber Security
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings
May 7, 2019 43
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything Encryption
The Ultimate Hacker Movies List for December 2020
November 2, 2020 42
The Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly Digest
Anatomy of a Scam: Work from home for Amazon
December 17, 2018 40
Anatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber Security
The Top 9 Cyber Security Threats That Will Ruin Your Day
August 20, 2019 38
The Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber Security
How strong is 256-bit Encryption?
May 2, 2019 35
How strong is 256-bit Encryption?
in Everything Encryption
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
September 23, 2017 30
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything Encryption
How to View SSL Certificate Details in Chrome 56
January 30, 2017 28
How to View SSL Certificate Details in Chrome 56
in Industry Lowdown
A Call To Let’s Encrypt: Stop Issuing “PayPal” Certificates
March 6, 2017 27
A Call To Let’s Encrypt: Stop Issuing “PayPal” Certificates
in Industry Lowdown
close HashedOut

The most informative cyber security blog on the internet!

Notice: By subscribing to Hashed Out you consent to receiving our daily newsletter.
close
  • Most Viewed
  • Latest
  • Most Commented
Hashed Out by The SSL Store™Hashed Out by The SSL Store™
  • About Us
    • The Hashed Out Team
      • Casey Crane
      • Jay Thakkar
      • Ross Thomas
      • Adam Thompson
      • Patrick Nohe
    • About The SSL Store™
    • Write for Hashed Out
  • Resource Library
    • Email Spoofing Defense 101: Email Security Ebook
    • Matter IoT Security: A PKI Checklist for Manufacturers
    • Certificate Lifecycle Management Best Practices
    • Code Signing Best Practices Guide
    • How to Create a Private CA: 18 Private PKI Best Practices
    • Post-Quantum Cryptography for Dummies
  • Shop
  • About Us
    • The Hashed Out Team
      • Casey Crane
      • Jay Thakkar
      • Ross Thomas
      • Adam Thompson
      • Patrick Nohe
    • About The SSL Store™
    • Write for Hashed Out
  • Resource Library
    • Email Spoofing Defense 101: Email Security Ebook
    • Matter IoT Security: A PKI Checklist for Manufacturers
    • Certificate Lifecycle Management Best Practices
    • Code Signing Best Practices Guide
    • How to Create a Private CA: 18 Private PKI Best Practices
    • Post-Quantum Cryptography for Dummies
  • Shop
Firefox and Chrome Now Warning About Insecure Login Pages
 Firefox and Chrome Now Warning About Insecure Login Pages
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...
  • Facebook
  • Twitter
  • LinkedIn
  • Mail
January 27, 2017 8

Firefox and Chrome Now Warning About Insecure Login Pages

in Industry Lowdown

Warning about Insecure Login Pages is just the start…

This week, Google Chrome 56 and Mozilla Firefox 51 were both released. These updates bring a new warning about insecure login pages, which appear prominently in the address bar.

This is part of the industry-wide campaign to move away from HTTP, which is insecure, and leaves users’ online activity vulnerable to snooping, interception, modification, and much more.

Chrome 56 will show this warning for any password/credit card field loaded over HTTP.

warning about insecure login pages, chrome 56, firefox 51

This includes forms that post to HTTPS if the page itself is HTTP. Both the page itself, as well as the fields, need to be delivered over HTTPS to be properly secure and receive the “Secure” message and green padlock treatment. To help spread the word, Google has been sending messages via Search Console to warn admins if any unsecure fields are found on their websites.

In Firefox 51 the warning will be more subtle. The page will receive a “broken padlock” icon, which shows the padlock with a red strike through it. If you click the padlock, a message will tell users that their login information is at risk.

warning about insecure login pages, chrome 56, firefox 51

In Firefox 51 there will not be any warning for credit card fields, though Mozilla developers have previously said this feature is coming. Unfortunately, the ability to actively detect those fields has caused it to be delayed.

Chrome 56 for Android will also warn about password/credit card fields served over HTTP, however to accommodate for the smaller UI, only the “(i)” symbol will be shown in the address bar. Clicking the (i) will display additional text. The same behavior will also come to a future version of iOS, though when the update will be made has yet to be determined.

In-form warnings are coming to future versions for both browsers. These are warnings which will appear directly below the fields on the page. This will bring further attention to insecure fields and make it easier for users to see the warnings. Both mobile platforms will also get in-form warnings in future releases.

For any sites out there still using HTTP, make sure a migration to HTTPS is in your immediate plans. The encrypted web is coming, and the warnings are only going to get more severe. In fact, a Google engineer recently wrote “eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields. Even if you adopt one of the more targeted resolutions above, you should plan to migrate your site to use HTTPS for all pages.”

Buy an SSL/TLS Certificate
  • #browser warnings
  • #chrome 56
  • #Firefox 51
  • #Google
  • #HTTP
  • #login fields
  • #Mozilla
  • #warning about insecure login pages

Author

Vincent Lynch
Vincent Lynch

The SSL Store’s encryption expert makes even the most complex topics approachable and relatable.

Recent Posts

  • Social Engineering Statistics 2025: When Cyber Crime & Human Nature Intersect
    Social Engineering Statistics 2025: When Cyber Crime & Human Nature Intersect
    June 20, 2025
  • Chrome: New SSL Certificates Can’t Support Client Authentication Starting June 15, 2026
    Chrome: New SSL Certificates Can’t Support Client Authentication Starting June 15, 2026
    June 10, 2025
  • Monitoring Should Take Center Stage as Let’s Encrypt Abandons SSL Expiration Notifications
    Monitoring Should Take Center Stage as Let’s Encrypt Abandons SSL Expiration Notifications
    June 2, 2025
  • CISO Survival Guide: 8 Cyber Security Challenges & How to Navigate Them
    CISO Survival Guide: 8 Cyber Security Challenges & How to Navigate Them
    April 29, 2025
  • Microsoft to Enforce Bulk Sender Authentication Requirements Starting May 5
    Microsoft to Enforce Bulk Sender Authentication Requirements Starting May 5
    April 24, 2025

Follow Us

Free Ebooks

eBook
Email Spoofing Defense 101 (A 5-Step Guide)

Download Now

eBook
Certificate Lifecycle Management Best Practices Guide

Download Now

eBook
10 Code Signing Best Practices

Download Now

Buyer Zone

  • Extended Validation Cert
  • Domain Vetted Cert
  • Organization Certificates
  • Server SSL Certificates
  • Email & Documents Signing
  • Free Tools
  • Compare SSL Certificates
  • Request for Quotation

Partner With Us

  • Partner Program Overview
  • Reseller Program
  • Affiliate Program
  • API & Integrations
  • WHMCS Module
  • AutoInstall SSL
  • Strategic Partnerships
  • Custom Integration

About Us

  • About Us
  • Blog
  • Why Choose Us
  • Resources

24/7 Help Zone

  • SSL Support
  • Manage Your Account
  • FAQ
  • Help with EV
  • Site Map
  • Contact Us
  • SSL Installation Service
Customer Reviews
payment

The SSL Store™ | 146 2nd Street North #201 St. Petersburg, FL 33701 US | 727.388.1333
© 2025 The SSL Store™. A Subsidiary of DigiCert, Inc. All Rights Reserved.

  • Cookie Consent
  • Privacy Policy
  • Disclaimer
  • Refund Policy