macOS and iOS: New Website Warnings (and What They Mean)

1 minute read
| Quick Tip

One of the most awesome changes in macOS High Sierra 10.13.4 and iOS 11.3 is how Safari behaves when you’re trying to enter information into an insecure page. Before this update, you had to be careful to look in the Safe Search field if you were about to log in to a website; green text and a little lock icon meant you were using an encrypted site.

Green Text in Safari URL Bar showing secure site

But with both of the newest versions of its operating systems, Apple has introduced can’t-miss red text to warn you when you’re about to type login or credit card info on unencrypted pages, like so:

New Red Text in Safari on the Mac indicating a website isn't secure

New Red Text in Safari on iOS indicating a website isn't secure

That’s a pretty obvious hint that you should think about what you’re doing. In my case here, I’m about to log into a sports-related forum, so I’m not all that concerned. But if you’re on what you assume is your banking website or, say, one that you think is the Gmail sign-in page, notice this red text. Let the paranoia run through you. Pay freakin’ attention, and by that I mean stop and don’t log in. You may be on a site that’s pretending to be the one you wanted, and if that’s the case, entering your username and password could be bad! Especially if you’re using the same password on other sites. Bad bad bad.

I’m really glad Apple’s taken this step; anything that could stop someone from falling for a nefarious website’s tricks is helpful, I think. Yay for progress!

1
Leave a Reply

Please Login to comment
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Graham McKay Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Graham McKay
Member
Graham McKay

Have to be a little bit careful to differentiate between an encrypted connection and an authenticated connection. This Safari feature mentioned above only relates to whether the site is presented over https and therefore prevents “man in the middle” capture of your entered details. It is quite possible for a phisher to send you to a site like my-untrusted-bank.com that has a valid SSL certificate but is pretending to look like my-trusted-bank.com Extended Validation (EV) certificates are an attempt to help with the authenticated/verified ownership, as represented by the green name, but we haven’t yet got to the point of… Read more »