Verify Secure Websites
August 2020 – by Per Christensson
There are two simple ways to verify a website is secure:
The lock icon indicates a site uses the secure HTTPS protocol instead of standard HTTP. HTTPS encrypts all traffic between your device and the web server via SSL. The encryption requires a secure certificate, installed on the web server. Certificates may be generated automatically or purchased from a third-party certificate authority.
If you want to view more information about a website's certificate, click the lock icon in the address bar and select "View Certificate." The screenshot below displays information about the PC.net SSL certificate.
The certificate is issued by Let's Encrypt for PC.net. It is valid, but it is not specific to a company or organization. This type of auto-generated certificate is fine for most websites since the primary goal is to provide secure access to the site. E-commerce and financial sites, however, should have a third-party-issued certificate that matches the company behind the website.
Viewing Certificate Details
If you're unsure about a website's authenticity, click the lock icon in the address bar to view the certificate details.
First, check the "Issuer" information.
If the certificate is issued by a known authority, such as Thawte or DigiCert, it means a third party has verified the company's information and website.
Second, check the "Organization" details.
If the organization name matches the company behind the website, you can be confident the site is legitimate.
The web browser will automatically authenticate the validity of the certificate authority and make sure the certificate has not expired.