Most attackers don't bother with sophisticated password theft methods. They take easy-to-guess combinations. About 1% of all existing on this moment passwords can be brute-force with four attempts.

How is this possible? Very simple. You try the four most common combinations in the world: password, 123456, 12345678, qwerty. After such a passage, on average, 1% of all "chests" are opened.

Let's say you are among those 99% of users whose password is not so simple. Even so, the performance of modern software for hacking.

The free, freely available John the Ripper program verifies millions of passwords per second. Selected examples of specialized commercial software claim a capacity of 2.8 billion passwords per second.

Initially, cracking programs run through a list of the statistically most common combinations, and then refer to the complete dictionary. Over time, users' password trends may change slightly, and these changes are factored in when such lists are updated.

Over time, all sorts of web services and applications decided to forcibly complicate passwords created by users. Requirements have been added, according to which the password must have a certain minimum length, contain numbers, upper case and special characters. Some services took this so seriously that it takes a really long and tedious task to come up with a password that the system would accept.

The key problem is that almost any user does not generate a truly brute-force password, but only tries to meet the system's requirements for the composition of the password to a minimum.

The result is passwords like password1, password123, Password, PaSsWoRd, password! and incredibly unpredictable [email protected]

Imagine you need to remake your spiderman password. Most likely it will look like $ pider_Man1. Original? Thousands of people will change it using the same or very similar algorithm.

If the cracker knows these minimum requirements, then the situation only gets worse. It is for this reason that the imposed requirement to increase the complexity of passwords does not always provide the best, and often creates a false sense of increased security.

The easier the password is to remember, the more likely it is to end up in cracker dictionaries. As a result, it turns out that a really strong password is simply impossible to remember, which means that you need it somewhere.

According to experts, even in this digital age, people can still rely on a piece of paper with passwords written on it. It is convenient to keep such a sheet in a place hidden from prying eyes, for example, in a wallet or wallet.

However, the password sheet does not solve the problem. Long passwords are difficult not only to remember, but also to enter. The situation is aggravated by virtual keyboards of mobile devices.

Interacting with dozens of services and sites, many users leave behind a string of identical passwords. They try to use the same password for every site, completely ignoring the risks.

In this case, some sites act as a nanny, forcing the combination to be complicated. As a result, the user simply cannot, how he had to modify his standard single password for this site.

The scale of the problem was fully realized in 2009. Then, due to a security hole, the hacker managed to steal the database of logins and passwords of RockYou.com, the company that publishes games on Facebook. The attacker made the database publicly available. In total, it contained 32.5 million entries with usernames and passwords to accounts. Leaks have happened before, but the scale of this particular event showed the whole picture.

The most popular password on RockYou.com was 123456, which was used by almost 291,000 people. Men under 30 more often preferred sexual themes and vulgarities. Older people of both sexes often turned to a particular area of ​​culture when choosing a password. For example, Epsilon793 doesn't seem like such a bad option, only this combination was in Star Trek. The seven-digit 8675309 appeared many times because this number appeared in one of the Tommy Tutone songs.

In fact, creating a strong password is a simple task, it is enough to create a combination of random characters.

You cannot create a perfectly random combination in mathematical terms in your head, but you are not required to. There are special services that generate truly random combinations. For example, random.org can generate passwords like this:

• mvAWzbvf;
• 83cpzBgA;
• tn6kDB4T;
• 2T9UPPd4;
• BLJbsf6r.

This is a simple and elegant solution, especially for those who use to store passwords.

Unfortunately, most users continue to use simple, weak passwords, even ignoring the “different passwords for each site” rule. For them, convenience is more important than safety.

Situations in which a password can be compromised can be divided into 3 broad categories:

• Random, in which a person you know is trying to find out the password, relying on information he knows about you. Often, such a cracker only wants to play a trick, find out something about you, or make a mess.
• Mass attacks when absolutely any user of certain services can become a victim. In this case, specialized software is used. For the attack, the least secure sites are selected, which allow you to repeatedly enter password options in a short period of time.
• Purposeful, combining the receipt of hints (as in the first case) and the use of specialized software (as in a mass attack). This is about trying to get hold of really valuable information. Only a sufficiently long random password will help to protect yourself, the selection of which will take time comparable to the duration of yours.

As you can see, absolutely anyone can become a victim. Statements like “my password will not be stolen, because no one needs me” are not relevant, because you can get into a similar situation quite by accident, by coincidence, for no apparent reason.

It is even more serious to take password protection for those who have valuable information, are associated with a business or are in conflict with someone on financial grounds (for example, division of property in the process of divorce, competition in business).

In 2009, Twitter (in the understanding of the entire service) was hacked only because the administrator used the word happiness as a password. The hacker picked it up and posted it on the Digital Gangster website, which led to the hijacking of Obama, Britney Spears, Facebook and Fox News accounts.

Acronyms

As in any other aspect of life, we always have to find a compromise between maximum safety and maximum convenience. How to find a middle ground? What strategy for generating passwords will allow you to create strong combinations that can be easily remembered?

At the moment, the best combination of reliability and convenience is converting a phrase or phrase into a password.

A set of words that you always remember is selected, and a combination of the first letters from each word is used as a password. For example, May the force be with you turns into Mtfbwy.

However, since the most famous ones will be used as the initial ones, programs will eventually receive these acronyms in their lists. In fact, the acronym contains only letters, and therefore is objectively less reliable than a random combination of characters.

To get rid of the first problem will help right choice phrases. Why turn a world famous expression into an acronym password? You probably remember some of the statements that are relevant only among your close circle. Let's say you heard a very catchy phrase from a bartender at a local establishment. Use it.

Still, the acronym password you generated is unlikely to be unique. The problem with acronyms is that different phrases can be composed of words starting with the same letters and in the same sequence. Statistically, in various languages, there is an increased frequency of the appearance of certain letters as the beginning of a word. The programs will take these factors into account, and the effectiveness of the acronyms in the original version will be reduced.

Reverse way

The way out can be the opposite way of generation. You create a completely random password at random.org, and then turn its characters into a meaningful memorable phrase.

Often, services and sites give users temporary passwords, which are the very same perfectly random combinations. You will want to change them, because you will not be able to remember, but you just take a closer look, and it becomes obvious: you do not need to remember the password. For example, let's take another option from random.org - RPM8t4ka.

Although it seems meaningless, our brain is able to find certain patterns and correspondences even in such chaos. To begin with, you can notice that the first three letters in it are uppercase, and the next three are lowercase. 8 is twice (in English twice - t) 4. Look a little at this password, and you will surely find your own associations with the proposed set of letters and numbers.

If you can memorize nonsense sets of words, then use that. Let the password turn into revolutions per minute 8 track 4 katty. Any conversion that your brain is better at will do.

A random password is the gold standard in informational. It is, by definition, better than any human-made password.

The disadvantage of acronyms is that over time, the spread of such a technique will reduce its effectiveness, and the reverse method will remain just as reliable, even if all people on earth have been using it for a thousand years.

A random password will not be included in the list of popular combinations, and an attacker using a mass attack method will only brute force such a password.

Let's take a simple random password that takes into account upper case and numbers - that's 62 possible characters for each position. If we make the password only 8 digits, then we get 62 ^ 8 = 218 trillion options.

Even if the number of attempts within a certain time period is not limited, the most commercial specialized software with a capacity of 2.8 billion passwords per second will spend an average of 22 hours trying to find the right combination. To be sure, we add only 1 additional character to such a password - and it will take many years to crack it.

A random password is not invulnerable, as it can be stolen. The options are plentiful, from reading keyboard input to having a camera over your shoulder.

A hacker can hit the service itself and get data directly from its servers. In this situation, nothing depends on the user.

One reliable foundation

So, we got to the main thing. What are the random password tactics to use in real life? From the point of view of balance and convenience, the “one strong password philosophy” will do well.

The principle is that you use the same basis - a super-strong password (its variations) on the services and sites that are most important to you.

Remember one long and difficult combination for everyone.

Nick Berry, Consultant information security, allows this principle to be applied, provided the password is very well protected.

The presence of malware on the computer from which you enter the password is not allowed. It is not allowed to use the same password for less important and entertaining sites - more will be enough for them. simple passwords, since hacking an account here will not entail any fatal consequences.

It is clear that the reliable base needs to be changed somehow for each site. As a simple option, you can add a single letter to the beginning, which ends the name of the site or service. If we go back to that random RPM8t4ka password, it will turn into kRPM8t4ka for Facebook authorization.

An attacker, seeing such a password, will not be able to understand how the password for your account is generated. Problems will begin if someone gains access to two or more of your passwords generated in this way.

Secret Question

Some hijackers ignore passwords altogether. They act on behalf of the account owner and simulate a situation where you forgot your password and want it on a security issue. In this scenario, he can change the password at will, and the true owner will lose access to his account.

In 2008, someone got access to the email of Sarah Palin, the governor of Alaska, and at that time also a presidential candidate. The burglar answered the secret question, which sounded like this: "Where did you meet your husband?"

After 4 years, Mitt Romney, who was also a presidential candidate at the time, lost several of his accounts on various services. Someone answered a secret question about the name of Mitt Romney's pet.

You already guessed the point.

You cannot use public and easily guessed data as a secret question and answer.

The question is not even that this information can be carefully fished out on the Internet or from the person's close associates. Answers to questions in the style of "animal name", "favorite hockey team" and so on are perfectly selected from the corresponding dictionaries of popular options.

As a temporary option, you can use the tactic of the absurdity of the answer. To put it simply, the answer should have nothing to do with the secret question. Mother's maiden name? Diphenhydramine. Pet name? 1991.

However, such a technique, if found widespread, will be taken into account in the corresponding programs. Absurd answers are often stereotyped, that is, some phrases will be encountered much more often than others.

In fact, there is nothing wrong with using real answers, you just need to choose the question wisely. If the question is non-standard, and the answer to it is known only to you and cannot be guessed after three attempts, then everything is in order. The advantage of being truthful is that you won't forget it over time.

PIN

Personal Identification Number (PIN) is a cheap lock that ours are entrusted with. Nobody bothers to create a more reliable combination of at least these four numbers.

Now stop. Right now. Right now, without reading the next paragraph, try to guess the most popular PIN. Is it done?

Nick Berry estimates that 11% of the US population uses 1234 as their PIN (where they can change it themselves).

Hackers do not pay attention to PIN codes because the code is useless without the physical presence of the card (this can partly justify the small length of the code).

Berry took the lists of four-digit passwords that appeared after the leaks on the network. The person using the 1967 password is likely to have chosen it for a reason. The second most popular PIN is 1111, and 6% of people prefer this code. In third place is 0000 (2%).

Suppose that a person who knows this information is in the hands of someone else. Three attempts to block the card. Simple math shows that this person has a 19% chance of guessing their PIN if they enter 1234, 1111, and 0000 in sequence.

Probably for this reason, the vast majority of banks assign PIN-codes to issued plastic cards themselves.

However, many people protect smartphones with a PIN code, and here the following popularity rating applies: 1234, 1111, 0000, 1212, 7777, 1004, 2000, 4444, 2222, 6969, 9999, 3333, 5555, 6666, 1313, 8888, 4321, 2001, 1010.

Often, the PIN represents a year (year of birth or historical date).

Many people like to make PINs in the form of repeating pairs of numbers (moreover, pairs where the first and second numbers differ by one are especially popular).

Numeric keypads of mobile devices display combinations like 2580 in the top - to type it, it is enough to make a direct passage from top to bottom in the center.

In Korea, the number 1004 is consonant with the word "angel", which makes this combination quite popular there.

Outcome

1. Go to random.org and create 5-10 candidate passwords there.
2. Choose a password that you can turn into a memorable phrase.
3. Use this phrase to remember your password.

Today, the issue of creating a secure password has become very relevant. In this case, it is necessary to adhere to certain rules of principles, as well as know how to properly store passwords, which will reduce the likelihood of their theft and penetration into user accounts.

Generating passwords

To date, when creating any account on the Internet, you need to come up with a password, while the resource can suggest the reliability of the generated code. Typically, this indicator checks the length of the password and the presence of unique characters such as numbers or capital letters in it.

Despite the fact that this is one of the main parameters of password strength, but no matter how hard it seems to be resistant to hacking, it may not always be so. For example, users rarely use unique passwords that contain special characters and numbers. However, even unique passwords, but with a small number of characters, can be quickly cracked by brute-force attacks, since they can be in the databases of fraudsters.

In this case the best option will apply a password generator. On the Internet, you can find both online services and password managers for installation on a computer. With these utilities, you can get long passwords that will contain special characters.

Often, a password that consists of more than ten characters is not so attractive to a fraudster, since it will take much more time to crack it, which will not be very profitable.

The disadvantage of this method is the fact that it is quite difficult to remember such passwords, and if there is more than one such password, then it is generally unrealistic. If you need to remember the password, you can use another method. It is worth noting that a password with 10 special characters and capital letters can be cracked much faster than a code consisting of 20 uppercase Latin letters. Even scammers know this.

It turns out that the password, which will contain several simple English words in random order, can be easily remembered, but it is unrealistic to crack it. In addition, if you write each word with a capital letter, then you can be sure that it will never be hacked.

It is worth noting that when writing a password in the Latin layout, but in random Russian words, you can, in general, not worry about breaking the password, since no methods will be able to cope with it.

There is no specific approach to creating passwords. Each method has its own advantages and disadvantages, but it is still worth adhering to the basic principles of building code.

The password must be long enough. It must contain a minimum of eight characters. But sometimes this is not enough if you need to have a sufficiently strong password. In addition, the password must contain special characters, large letters and numbers.

It is not recommended to use personal data for a password, even if it is written in a clever way. There should be no dates, names or surnames. For example, a password containing a date, from the creation of the calendar to today, can be cracked within a short time.

If you need to check the strength of your password, you can use special services. But there is also one nuance here. If the address of such a service does not include https at the beginning, then it is better not to contact it, since it can also be hacked by intruders. In this case, you can enter a similar one with the same number of characters, which will make it possible to understand the reliability of the original.

When you enter a password on such resources, the entropy for the specified code is calculated and a reliability report is issued. If the entropy value is more than 60, then it is almost impossible to hack it even with targeted selection.

Using the same passwords for different accounts

If you have a fairly strong password, but it is used on all accounts on the Internet, the level of its reliability drops significantly. In this case, when hackers break into one of the sites where given password, scammers will gain access to it and immediately try it on other popular public services or even online banking.

For many users it is not very convenient and rather difficult to have unique passwords, however, it is extremely necessary to do if the accounts contain important information... But if the account does not contain important data and is not particularly valuable, then simpler passwords can be used.

Two-factor authentication

It is worth noting that even strong passwords cannot guarantee complete security, and the fact that no one can log into your account. The password can be trite stolen or unobtrusively learned from the user. Almost all powerful online services more recently, they have provided the ability to use two-factor authentication in their accounts. If you need to protect your account, it is highly recommended to use it.

The principle of operation of such authentication is not very different on different services, so everything happens almost along the same path. When visiting an account with unknown device after entering the correct password, additional verification is required.

For this, a code from SMS or a special application on mobile device... In addition, pre-printed codes, electronic or hardware keys can be used. This means that when the password is cracked, the fraudster will not get into the account, if he does not have the user's smartphone, his e-mail or something else at his disposal.

If you need to know more about two factor authentication, you can search the Internet for articles on this topic. You can also read the instructions for use on the services themselves, where it is already used.

Storing passwords

It is very correct to have a separate unique password for each account, but there are inconveniences in their storage. Remembering a large number of unique passwords is difficult. It is not recommended to store passwords in a web browser, as they can easily be taken over by intruders, moreover, they can be lost if the operating system suddenly crashes or when synchronization is disabled.

The most suitable option in this case is to use a password manager.
These applications are designed to store secret passwords in an encrypted vault. Access to such a repository is performed using a single password. You can also use 2-Step Verification. In addition, most of these applications have a password generator and are capable of assessing the strength of passwords.

Many users actively use without access to the Internet, which are designed to store passwords on a PC. Another part of users work with applications with a large number of functions, among which there is synchronization.

Popular programs provide fairly secure and reliable storage of passwords. But in the process of using them, it is necessary to take into account some nuances. To enter the program, you must use one master password. In addition, if the vault is compromised, you will need to immediately change all your passwords.

In addition, you can store passwords in a notebook, locking it in a safe, to which only one person has access, however, with their constant use, this is not very convenient. In addition, you can use an offline database, which must be stored on a third-party drive and, moreover, with a duplicate of them in case of loss.

The most suitable option in this case from all of the above is this approach. All important passwords must be kept in your head or written down on a piece of paper and placed in a secure place. Those passwords that are not particularly important can be stored in password managers.

Additional Information

After reading this article, you can highlight those points to which you should pay special attention. If you follow simple logic and understand the principles of constructing passwords, you can independently make decisions about the security of a particular password. Still, it's better to stick to certain rules.

You cannot use the same password for different accounts. Also, passwords shouldn't be lightweight. You can increase the difficulty level by increasing the password length. The most
The best option is a password with a number of characters from 10 to 20.

In addition, it is not recommended to use personal data in passwords. Also don't use personal information for tips and control questions. It is recommended that you use 2-Step Verification whenever possible.
In addition, you need to find a suitable option for securely storing passwords.

You also need to protect yourself from phishing. This requires checking resource addresses and encryption. In addition, when prompted to enter a password, you need to make sure that the input is carried out on the desired site. You also need to clean your computer from malware.

In addition, it is not recommended to use passwords on third-party PCs, public networks in the absence of encryption of the connection. If you have to use someone else's computer, then you should use anonymous mode or type passwords from the keyboard on the screen.

In addition, it is better not to store passwords that are of particular importance on a computer or on the network. Some that are used daily, it is desirable to remember, the rest to write down and store in a protected place.

Andreas Heissel, TeamViewer Specialist

Password security is one of the issues that constantly worries the modern person. Confidentiality of private life largely depends on the degree of secrecy of passwords. How to make sure that you never again worry that your personal data can be obtained by intruders?

Today, access to virtually any private and commercial information or application is password-based and requires registration. Because password security is critical, it is an important part of the IT professional's job to help employees choose their passwords, as many of them make one mistake after another.

If you're unlucky, a hacked password can help hackers gain sensitive information, steal money, corrupt data, or block access to your accounts. This can cause serious harm, and information recovery will take several months or even years.

Choosing a password is considered a bit of fun, but it is not, and each user should periodically refresh their memory of the rules for creating a strong password.

Stop being predictable

We've all been taught how to create a strong password using the same technique. Online hints require us to use in the password capital letters, numbers and some punctuation marks. Alas - hackers know this pattern too.

As a result, we all:

• we start the password with one word we like and make it the basis of our password,
• capitalize the first letter of this word,
• we add a number or an exclamation mark at the end of the password so that the automatic hint does not find fault with the quality of our password,
• and voila - we get the "perfect" password: "Ninja1!"

Since we are confident in his invulnerability (after all, he meets all the requirements!), We believe that no one in the world will solve it. However, using a method or another technique, our password can be easily calculated.

The only way to avoid this is by not being so predictable.

Never use one word passwords again!

The first step to password security is to avoid using a one-word password. And not because the one-word password is very short, but because such a password is very predictable.

Of course, the advantage of a one-word password is that it is easier to remember than any other. But from a security point of view, simplicity cannot be considered as the main criterion when choosing a solution. Safety must be paramount.

In reality, according to the Better Business Bureau, the most common passwords are not always words.

Below is a list of the 10 most used passwords in 2014 - trust me, none of them are suitable as a password for your bank account:

1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. Baseball
8. Dragon
9. Football

More complex passwords can be both safer and easier to remember at the same time. What will keep the password secure? You will find the answer below.

Can you make your password long and memorable at the same time? There are little tricks.

First of all, strong and memorable passwords consist of several words.

What do you think, PieceOfCake will be a strong password?

Unfortunately no. The first rule of a verbose password is to use several unrelated words, but which are directly related to you.

CoffeeLobsterMarathon(coffee, lobster, marathon) is a good example for such a combination. BUT general impression pronouncing the combination of these three words is so unpleasant that it will be very easy to remember this password.

MaximFavoriteColorIsGrey(Maxim's favorite color is gray)- Perhaps knowing your friend's favorite color Maxim is a rarity. Such a password will be difficult to guess.

The second step in creating a strong password is to replace the letters of the password - you can guess that - with numbers and special characters.

As a result - C0 ff33 L0 b$ t3 rM8 r8 th0 n and D8 v3 sF8 v0 r1 t3 C0 l0 r1 sGr3 y.

Compare them to the original “Ninja1!”

Use unique passwords for each account

I know - there are objections to this advice that it is impossible to remember passwords for each account. But, using the recommendations below, it is not difficult at all.

At the same time, your winnings are huge!

Are there among your friends those who use one password for all occasions?

Believe me, there are a lot of such people!

This is a real threat to information security. Just one leak in any system where you registered, and all your accounts are automatically available.

If your name, address Email and the password will be available to cybercriminals because only one service, website or company you worked with was hacked - hackers will certainly try to use these credentials to access other systems.

But if you have different passwords set, hackers will not get a chance. The security gain is clear.

But how is it possible to remember each unique password?

The best way to remember your passwords (password manager)

Remembering every password we create is impractical. An exception is the passwords that we use every day. However, in most cases we use accounts from time to time. Our memory can easily fail us, and we need help recovering our password.

Password managers are secure apps that help us store and organize our passwords. The only password you need to remember is the password for the password manager itself.

Change passwords regularly

Old passwords need to be changed. Many people see this advice as good advice or unnecessary concern. But there are strong arguments for changing passwords regularly to improve Internet security.

For example, brute-force attacks, i.e. brute-force cryptanalysis, used to guess passwords. This is a simple enumeration of all possible combinations of printable characters. The only limitation for such an attack is the time it takes to achieve the desired result. Although - this time is often surprisingly short!

In particular, according to How Secure is my Password, it only takes 7 minutes to crack our “Ninja1!” Password!

By changing passwords, you can minimize the risk of a brute-force attack being successful. Moreover, it will significantly reduce the risks of a password database leak.

Don't share your passwords with anyone

You don't share your passwords with anyone, do you? Moreover, with strangers? Since most of us are not fixated on security issues, we can fall into the intruder's trap more easily than we realize.

If you are worried that your account might be hacked, change your password immediately! On Haveibeenpwned you can check the information to see if your account has already been hacked.

Make sure your antivirus is working properly

What is the relationship between password secrecy and viruses?

In fact, some types of viruses and malware can track keystrokes on the keyboard, including when logging into accounts, and transmit this information to attackers. In this case, even the strongest password will not protect you from hacking.

Thus, having an antivirus on your computer is part of your password security strategy.

Viruses and other malware often exploit gaps in operating system and applications that are not addressed by the corrective updates. Therefore, the software installed on the computer must also be updated in a timely manner to avoid the risk of being hacked.

Activate two-factor authentication

Two-factor authentication will serve as another barrier to the security of your passwords. After entering the password, the authorization system will require an additional authentication method to log into your account. In particular, the second verification factor can be a temporary digital code generated by the application for authentication on your mobile device. And Intel believes that even our body can be used for two-factor identification.

Access will be granted if the login (username or email address), password and secret code will be entered correctly. Two-factor authentication is the safest way to keep your passwords secure because access will not be granted without correctly entering the additional authentication information.

Password security. Summary

If your passwords are completely secure, you feel relieved of a bunch of problems. Once you have a systematic approach to this issue, the practice of creating a strong password will become part of your habits.

In summary, password security means:

• Get rid of predictability. Passwords like "Ninja1!" need to forget
• Never use one-word passwords again
• Long and complex passwords are safer and more memorable
• Your password for each account will detain hackers
• Password managers are a useful tool for password security
• Make it a rule to change passwords regularly
• Don't divulge your passwords
• Work on devices protected by antivirus
• Use two-factor authentication whenever possible

Hope you found our tips helpful. We wish you to be always safe!

Nowadays, it is quite difficult to find a person who would not use the Internet.

Many users spend quite a lot of time on its open spaces. Therefore, more than ever in demand.

But what to do if all plans are violated by a warning that suddenly appears your connection is not secure.

In this article, we will look at why this error occurs in different browsers and what to do if it occurs.

Content:

The first step is to consider the occurrence of this problem during use.

The meaning of such a message

Often this message appears when visiting secure sites. Such sites when interacting with FireFox browser use a special encryption method - #encryption. This is done in order to exclude the possibility of viewing the transmitted information by intruders.

To understand that you are visiting exactly such a site, pay attention to the line displaying the address of the visited page. In the status line ( #status_Bar) of a secure site, a closed padlock icon will be displayed. It will also be displayed in the address bar ( #lokation_bar).

In addition, the browser will display and Domain name site in the status bar, highlighted in yellow. This is necessary so that the user cannot be misled with the purpose.

Such sites may contain not only protected information, but also unprotected information to which everyone has free access.

If the site's information is unprotected, FireFox will display a lock icon crossed out by an oblique line in the status bar. The domain name will also be missing in the address bar and status bar. If you pay attention to such information, you can immediately understand that the site you are visiting has partial protection.

To solve it, you will need to reinstall the antivirus or disable interception of protected connections in its settings.

For example, if you are using to protect the system - open "Settings" and go to the tab "Active protection".

There you need to click on the "Configure" button located next to the web shield.

In the window that opens, uncheck the selection box from the line "Enable HTTPS Scanning"... In conclusion, it is necessary to confirm the changes made in the settings by clicking on the "Ok" button.

If you are using a product such as - you will need to follow these steps:

• open a window with antivirus settings;
• in the lower left part of this window, click on the "Settings" button;
• use item "Additionally" to go to the "Network" tab;
• deselect the menu bar "Scan encrypted connections";
• tick the parameter "Do not scan encrypted connections";
• confirm the changes by clicking the "OK" button.

It is not difficult to find the information you need for other antivirus products on the Internet.

Lack of trust in the certificate, your browser can display not only on little-known sites, but also on such giants as Google. Most often, owners may encounter this. This is because Microsoft family settings are activated in user accounts.

The next step is to delete all existing family members using the function "Remove from family" on the advanced options tab.

In conclusion, you should also leave the family yourself, using the parameter of the same name.

The fourth mistake

It lies in the lack of trust in the certificate, since the latter is self-signed.

These types of certificates are designed to protect against eavesdropping, but do not provide any information about the recipient.

Most often, non-public sites use this, so you can easily bypass this warning.

Fifth mistake

It consists in the fact that the certificate provided to you belongs to a completely different Internet resource.

This problem occurs quite often and primarily due to the fact that the issued certificate is valid for one part of the visited site.

For example, you visited https: /example.com and received a warning about a similar error, and a certificate was issued for https: / www example.com. If you go to the last one, no warnings will appear.

Certificate store

The appearance of such messages can also occur due to file corruption cert9.db that stores all your certificates.

In this case, without opening FireFox, delete the above file so that it will be restored the next time you start it.

To do this, follow these steps:

• open the menu and select the "Help" item;
• go to tab "Information for problem solving";
• open the profile folder located in the section "Application Information";
• open the menu again and select "Exit";
• highlight the file db and remove it;
• restart your browser.

When is it possible to ignore warnings?

This option is suitable if you are confident in the reliability of the resource.

However, even in this case, you are not insured against eavesdropping and interception of confidential data by unauthorized persons.

If you nevertheless decide to ignore the warning that appears, follow a few simple steps.

On a page with a similar warning, use the button "Additionally".

If the browser connects to a site with weak encryption, load it using the outdated security system. You will be given the opportunity to download this. In the case of a resource whose certificate is unverified, add it to the exceptions.

Error reporting capability

There are quite a large number of sites on the Internet that make it possible to report an error to your center.

To do this, check the box at the bottom of the issue record page, next to the line "Report bugs like this to help Mozilla and block malicious sites."

A warning about an unsecured connection appears in the browserChrome

The occurrence of problems with the certificates of certain sites opened by the Chrome browser is identical with FireFox and can be solved by similar methods.

The reasons for their occurrence should also include:

In the first case, to eliminate the error, you will need to correct the system date and time so that they match those set on the server. To do this, open the tab for time and date settings, and adjust them.

A warning due to an unverified or outdated certificate most often occurs when you try to enter your personal account on a particular resource.

To get around this, click on the tab in the error display window "Additionally" and then use the button "Go to the site".

Blocking extensions are more related to the anti-virus program installed on the computer.

In order to correct this situation, you will need to open Chrome browser and go to the installed extensions tab.

Select your modules from the list of available ones and uncheck the checkbox.

After that, reopen your browser and try to go to the site.

The occurrence of such an error may also be due to a crash in Chrome. A banal reinstallation of the browser can fix the situation.

To remove the faulty version, open the window "Programs and Features", select a title installed browser and click the "Delete" button.

After the application has been removed, restart your computer and re-run Google installation Chrome.

In most cases, the insecure connection warning stops bothering you.

Conclusion

This article has come to an end, in which we examined the options for the appearance of a warning about the presence of an unsecured connection.

We hope that the available information will be useful to you and will help you in solving this error.

Your connection is not secure how to fix: