TOPIC:

I received this from one of our members:
I notice in Firefox, logging into Daybreak I get a insecure website warning.
Insecure password warning in Firefox

Firefox will display a lock icon with red strike-through red strikethrough iconin the address bar when a login page you’re viewing does not have a secure connection. This is to inform you that if you enter your password it could be stolen by eavesdroppers and attackers.

Starting in Firefox version 52, you will also see a warning message when you click inside the login box to enter a username or password.

It does say you can check for a secure version of the page

Does something need to be updated or fixed?

Hi, CirceD!!!

Check out :

support.toastmastersclubs.org/4-general-...sthost-https-support

This issue isn't really new, but some web browsers are just now calling peoples' attention to it. It'll take a little work to clean up, if you opt to do so (many do not).

Wes B.

Circe:

FTH has never really supported HTTPS in the past. Those warnings are new in browsers as "big brother" Google is starting to push for more enforced HTTPS use.

You can use HTTPS right now w/ FTH for the toastmastersclubs.org based domains if you explicitly specify it when accessing your website. I am currently working to get some sort of scheme together to get/manage free ssl certs for custom domains via Let's Encrypt.

However, there are a number of thorny "mixed content" issues with this that have nothing to do with the system implementation... Clubs are going to have to address the problems in their content if they are trying to access insecure content resources. The only thing we will be able to do about that is provide different levels of HTTPS enforcement (as a setting) and provide some sort of warnings if clubs try to save insecure content.

As wesb is alluding to, this is a challenging issue that will take some time to get sorted out, and we are a bit constrained in what we can do when it comes to mixed content issues.