In past blog posts, we’ve talked about how important it is to be aware of the encryption being used when communicating with your bank’s website or other sites where private information may be exposed. We’ve seen how web browsers try to help keep you on your toes, and we’ve encountered malicious programs that fool you into thinking your connection is secure when it’s not.

SSLPasswdWarning is a Firefox add-on designed specifically to avoid being tricked by something like sslstrip. If you click on or give focus to a password box, the add-on will examine the web page’s source to make sure that the password will be submitted using a secure connection. A warning box is shown, and the submission is halted if that is not the case. For instances when the site remembers your password and fills in the field for you, SSLPasswdWarning will also examine forms at the moment they are submitted.

Even if you feel like you cannot possibly be affected by programs like sslstrip, this add-on can make things more convenient for you. Sometimes, a website might present a login page that is not encrypted and only encrypt the password submission. Now, if you install this add-on, you can feel more comfortable about the security of your password without having to examine the page’s source code each time.

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!

This entry was posted on Thursday, August 13th, 2009 at 4:20 pm by Mike Markiewicz and is filed under Technology & Tool Thursday. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.