A secured website can be identified from the lock symbol on the browser bar. Different browsers have different ways to show this to users. One should be really aware of the benefits of using an SSL certificate for a website.
The cases when users do not pay attention to the lock sign in the browser can lead to unforeseen circumstances. Entering any data to a website not secured with an SSL certificate can lead users to phishing or MITM attacks. At the same time the website owner should also pay close attention to the risk of not securing a website.
Also Read: How to protect yourself from a MITM attack.
There are many cases where reputed websites forgot to renew their SSL certificate which causes man-in-the-middle attacks. Recently, Microsoft team confirmed, it went down for a few hours because of an expired SSL Certificate, during that period people were trying to log in without knowing that it wasn’t secure.
Keeping this mind, I would like to showcase what users should check in order to make sure they are visiting a secure website. CAB forum has made this mandatory to show certificate information to the website users. An SSL certificate deployed successfully shows some relevant information about the URL & the company.
What all things do SSL Certificate Information contains?
- Validity Period
- Name of Certificate Authority (CA) Issued
- Subject Name (that contains information about the company, type of SSL Certificate and domain name for which SSL was issued.)
- Key Usage
- CRL Information
- Signing and Hashing Algorithms Underlying the Encryption.
This information can be found in your browser. The importance of this information may vary from person to person. But it is best practice to check certificate information before entering any data to a website.
Read here for the steps to check SSL Certificate Information.