Security

Firefox Nixes the Favicon in the URL Bar

Confusion over HTTPs security at the heart of the browser change.

Google+ Twitter

Ricky publishes and manages the content on BizTech magazine's website. He's a writer, technology enthusiast, social media lover and all-around digital guy.

As more users become aware of secure browsing, one of the first things they look for is HTTPs (versus HTTP) in the URL bar of their browser. Usually, HTTPs/SSL-encrypted sites come with a padlock favicon in the URL bar as well.

Unfortunately, malware proprietors have leveraged this user-friendly icon to dupe customers into giving up confidential information by faking the familiar favicon in the URL bar.

Google’s Chrome browser has already done away with the favicon, and now Mozilla’s Firefox will follow suit.

The Next Web reports that, according to Mozilla Software Engineer Jared Wein’s blog, the next version of the Firefox browser will display either globe symbols for the unsecure sites or padlock symbols for secure sites with valid SSL certificates.

Websites that use SSL certificates with Extended Validation will now have a green padlock next to the certificate owner’s organization name.

Websites that use SSL certificates without Extended Validation will now have a grey padlock. The effective hostname will no longer appear next to the padlock. This information is redundant with our darkening of the effective hostname in the website address.

Websites that do not use SSL certificates or have mixed content will fall back to a globe icon.