Home / Security / Most web users ignore security certificate warnings

Most web users ignore security certificate warnings

SSL failure
How many times have you searched for the perfect site about the new summer action movie and clicked on a link only to be presented with a warning about a certificate. Do you stop and read the warning? Do you investigate the certificate? Would you even know if the certificate could not be trusted? According to a new study, most web users ignore their browser security certificate warnings.

SSL certificates are supposed to provide users with a level of encryption they can trust for secure (HTTPS) sites. But when a window pops up telling a user the certificate is invalid or has a problem, what should the user do? Carnegie Mellon researchers conduct a study of 409 participants to determine just that. Of the 50 percent of Firefox 2 users who even knew they were being given a security warning, 71 percent said they would ignore it.

With Mozilla Firefox 3 makes it more difficult to ignore because users have to add an exception in order to allow access to the site, but the looming questions still remain. How do users know which sites to trust? Unless they are security experts, what safety protocols could they reasonably put in place? Website owners certainly bear the brunt of the responsibility to make sure their certificates are properly signed, and this is especially important for financial institutions. The complete findings of the study will be released August 14.

Source: ZDnet Asia
Photo: Flickr

Check Also

physical servers security

Colocation sever security

Collocation is the movement of the servers from an in house location usually to a …