Website Security Facts for Inirgee and ImaginaryColours.com
It is important to know that our website is secure. Even though our Security Certificate may be having technical trouble, this does not affect the actual security of our store.
A Security Certificate (GeoTrust, Thawte, GoDaddy, etc. etc. etc.) is simply a Certificate purchased by the store owner to add a "stamp of verification" to an already-secure site. This is done to help the consumers have greater confidence in purchasing at that particular online store.
If there is not a certificate, or if your web browser (Internet Explorer, Firefox, etc.) pops up a warning saying that there is a problem with a certificate, you should not take the warning as a dire threat.
Look at the list below to see other indicators that a site is secure:
| Where to look | If it is Secure | If it is Not Secure |
| In the address bar at the top of your browser where you type in the
web address:
www.imaginarycolours.com Look for the first few characters in the address bar, beginning with "http" or "https". The "s" means secure. |
https:// | http:// |
| On the lower edge of your browser window, usually on the right, look for a padlock icon. Note that in Internet Explorer, the padlock does not always show up even if the site is a secure "https" site. | you will see a "locked" padlock | you will see an "unlocked" padlock |
| On some browsers, the background color of address bar will change. | Firefox: yellow | Firefox: white |
Common Pop-up Security Messages
| In Internet Explorer: |
| Security Alert Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate. *The security certificate is from a trusted certifying authority. *The security certificate has expired or is not yet valid. *The security certificate has a valid name matching the name of the page you are trying to view. Do you want to proceed? Yes No View Certificate
|
| In this case, you can safely
click Yes.
Note that the first line tells you that the site is, indeed secure, just that the Certificate has a problem. The first bullet point states that the Certificate is from a reputable company. This is good. The second bullet states that the Certificate has expired. This is not necessarily bad, and in any case does not affect the security of the site. The third point states that the name registered on the Certificate matches the name of the web page you're trying to view. This is good. The names should match. |
| You may get another information window such as: |
| Security Information This page contains both secure and nonsecure items. Do you want to display the nonsecure items? Yes No More Info |
| It is safe to click Yes
here. A warning about "nonsecure items" sounds unreasonably threatening. Nonsecure items have nothing to do with your security on the site. Nonsecure items are usually things like graphics or photos, which are stored in a separate, non-secure folder on the server, then pulled up from there for use on a web page. There is no reason to store graphics in a secure folder. |
| In Firefox: |
| "www.imaginarycolours.com"
is a site that uses a security certificate to encrypt data during
transmission, but its certificate expired on [date][time]. You should check to make sure that your computer's time ([date][time]) is correct. Would you like to continue anyway? View Certificate Continue Cancel |
| In this case you can click
Continue. The wording in this message is a bit misleading. An "https" page is secure, whether a Certificate is there to say so or not. The Certificate is purchased by the store simply to build customer confidence in what already exists. Think of it like putting an alarm on your car. If you lock your car, the car is secure. If you put an alarm on it, you feel more confident in its security, but the car is actually still locked with the same locks. You didn't add a magic forcefield around your car. |