Jun 13, 2017 - Find out how to disable the 'This Connection is not secure' warning message in Firefox when you try to log in to websites using the browser.
Firefox displays 'This Connection is not Secure. Logins entered here could be compromised' warning messages when sites don't protect their login pages with HTTPS.
The idea behind the feature is to display a visual reminder to Firefox users that the data that they enter into a form is not protected when they hit the login or submit button on websites that don't use HTTPS. While that is a handy reminder for many inexperienced Firefox users, experienced users may not find it super handy to have. The main reason for that is that you can look at the page address, or the lock icon, displayed in the browser's address bar to see the same thing. If there is a red strike-through lock icon, and if the site is not using https, then anything that you enter on the site and submit is not encrypted and thus readable. This Connection is not Secure The prompt, as useful as it may be to some users, may cause two issues for other users. First, it prevents that login information is filled out automatically on affected sites.
Firefox's password manager won't fill out the information automatically, so that you need to do so manually in some way. This may be the sane thing to do on new sites, but if you are a regular on a site that has not just yet switched to HTTPS, you may trust the site enough to want Firefox to continue filling out the information to improve the login process. The second issue is not as dramatic, but the prompt may overshadow other page elements. If the username and password prompt are displayed vertically, the username prompt warning may overshadow the password field. Mozilla notes that you can just hit Enter to dismiss it, but this did not work for me. Whenever I hit the Enter-key, the data was submitted.
Clicking outside the box helps however and dismisses the box. Disabling the contextual warning Here is how you disable the 'this connection is not secure' warning in Firefox:. Load about:config in the Firefox address bar and hit the Enter-key. Search for security.insecurefieldwarning.contextual.enabled. Double-click the preference. The default value of the preference is true, which means that the feature is enabled and that Firefox will display warning prompts when you activate insecure login fields. If you set it to false, those warnings are not shown.
Toggling the preference won't have any effect on the automatic filling out of forms on HTTP pages. You need to modify another preference of the Firefox web browser for that. Open the about:config page again. Search for signon.autofillForms.http. Double-click the preference. The default value of false prevents the Firefox web browser from filling out form information on HTTP pages. If you set it to true, Firefox will auto-fill form pages on HTTP pages as well.
Closing Words The warnings will become less and less as time passes as more and more sites will migrate to HTTPS. The warnings may raise awareness, and that is definitely a good thing. Statistics on how many users are leaving the login pages of sites where the warning message is displayed would be useful Now You: Do you find the prompts useful?
“but if you are a regular on a site that has not just yet switched to HTTPS, you may trust the site enough to want Firefox to continue filling out the information to improve the login process.” It doesn’t have anything to do with trusting the site tho, does it? The website sees what your doing anyway. Correct me if I’m wrong but isn’t https more for protection of man-in-the-middle attacks then for anything else? Requested http sites can be manipulated and read from anybody inside your local network as well as from anybody else that sits between you and the actual site. So it’s not actually about trusting the website but trusting your local network, your ISP etc. “A site that has not just yet switched to HTTPS” needs to be avoided.
An SSL Certificate is inexpensive enough for any site that is worth visiting. If the admin of a site is so inexperienced and cheap that he/she won’t/can’t’ add a simple feature, then the site should be boycotted, blocked, avoided, denounced, trashed, hacked–whatever it takes–to wake the lazy creature from the slumber of stupidity and gross negligence. SSL is really a feature that tells visitors that “We care.” Donation Coder, by the way, uses. Thanks for this info. I run a remote desktop connection to my server, where I login to my SmarterMail installation for administration purposes. Whilst I can see how these warnings might have some use, they are just annoying on LAN based remote desktop connections.
They also prove to be extremely annoying in login boxes, where the warning obscures the bottom text entry box as is the case with SmarterMail. Sadly, this is all too common with Firefox’s attitude to users and functionality. It’s a case of “Sod the users, let’s just make a point”. Thankfully, there are users like yourself who are providing the solutions that the Firefox team couldn’t be bothered to think about.
They need to remove the blinkers every now and again and take a good look at the real world.
I'm on a mac running OS 10.10.3 and just installed Firefox 47.0.1. However, I am unable to connect to any website but receive 'Your connection is not secure The owner of has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.' This is the same message I receive for every website, including Mozilla.
I have been unable to find a workaround and so far this has made the entire browser useless. It is only effecting Firefox, as Chrome and Safari are working perfectly fine. I'm on a mac running OS 10.10.3 and just installed Firefox 47.0.1. However, I am unable to connect to any website but receive 'Your connection is not secure The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.' This is the same message I receive for every website, including Mozilla. I have been unable to find a workaround and so far this has made the entire browser useless.
It is only effecting Firefox, as Chrome and Safari are working perfectly fine. When you get this for pretty much all secure sites, the problem usually is one of the following: (1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem. (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. If you have any of those specific security products: check this support article:. (3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety.
(To test by turning it off, see: ) (4) Malware on your system intercepting secure connections. If none of those ring a bell: You could inspect a sample certificate to see whether that points to the culprit.
![Mozilla Connection Not Secure Mozilla Connection Not Secure](/uploads/1/2/4/2/124274192/422859324.png)
If you want to try that now, here's how I suggest starting: Load my test page at: You likely will get an error page. Expand the 'Advanced' button and look for an Add Exception button.
Note: You don't need to complete the process of adding an exception - I suggest not adding one until we know this isn't a malware issue - but you can use the dialog to view the information that makes Firefox suspicious. Click Add Exception, and the certificate exception dialog should open. Click the View button.
If View is not enabled, try the Get Certificate button first. This should pop up the Certificate Viewer.
Look at the 'Issued by' section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison. When you get this for pretty much all secure sites, the problem usually is one of the following: (1) Error in your system's date, time, or time zone, which throws off certificate validity checks.
Sometimes allowing computers to use an internet-based time source can introduce this problem. (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. If you have any of those specific security products: check this support article:. (3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: ) (4) Malware on your system intercepting secure connections.
If none of those ring a bell: You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting: Load my test page at: You likely will get an error page. Expand the 'Advanced' button and look for an Add Exception button. Note: You don't need to complete the process of adding an exception - I suggest not adding one until we know this isn't a malware issue - but you can use the dialog to view the information that makes Firefox suspicious. Click Add Exception, and the certificate exception dialog should open. Click the View button. If View is not enabled, try the Get Certificate button first.
![Mozilla Connection Not Secure Mozilla Connection Not Secure](https://prod-cdn.sumo.mozilla.net/uploads/images/2016-01-28-17-27-50-b68651.png)
This should pop up the Certificate Viewer. Look at the 'Issued by' section, and on the Details tab, the Certificate Hierarchy. What do you see there?
I have attached a screen shot for comparison. When you get this for pretty much all secure sites, the problem usually is one of the following: (1) Error in your system's date, time, or time zone, which throws off certificate validity checks.
Sometimes allowing computers to use an internet-based time source can introduce this problem. (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. 'If you have any of those specific security products:' check this support article: How to troubleshoot the error code 'SECERRORUNKNOWNISSUER' on secure websites.
(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: (4) Malware on your system intercepting secure connections. 'If none of those ring a bell:' You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting: Load my test page at: You likely will get an error page.
Expand the 'Advanced' button and look for an Add Exception button. 'Note: You don't need to complete the process of adding an exception - I suggest not adding one until we know this isn't a malware issue - but you can use the dialog to view the information that makes Firefox suspicious.' ' Click Add Exception, and the certificate exception dialog should open.
Click the View button. If View is not enabled, try the Get Certificate button first. This should pop up the Certificate Viewer.
Look at the 'Issued by' section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison. Jscher2000 (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.
If you have any of those specific security products: check this support article:. This was my solution, I have Avast and disabling 'Scan secure connections' in the web shield worked for me. However just disabling 'Scan secure connections from browsers only' does not work. 'jscher2000 #answer-895404 said' (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. 'If you have any of those specific security products:' check this support article: How to troubleshoot the error code 'SECERRORUNKNOWNISSUER' on secure websites.
This was my solution, I have Avast and disabling 'Scan secure connections' in the web shield worked for me. However just disabling 'Scan secure connections from browsers only' does not work.