June 21, 2008 9:14 PM PDT

Firefox 3: Expand the Site Identification button on HTTPS pages

by Michael Horowitz
  • Font size
  • Print
  • 2 comments

My last two postings were about making secure HTTPS web pages more obvious in Firefox 3 by adding back the colored address bar from version 2. There is yet another visual trick available with Firefox 3 that also makes secure web pages harder to miss.

As noted earlier, the new site identification button, which used to be merely a favorite icon, now turns blue on most HTTPS pages and turns dark green (see below) on those that offer extended proof of their identity (such as jr.com and paypal.com).

Firefox 3: site identification button with extended validation

The dark green site id button includes the strongly verified website name and is thus much wider and more obvious. In contrast, the blue site id button show below is easily missed.

Firefox 3: normal blue site id button

With a little configuring, we can get the blue site id button to also include the website name. While, domain names displayed in blue are not as well verified, the point is to get the extra visual clue that the page is encrypted.

This comes from a comment to this article by Johnathan Nightingale, who works on security at Mozilla.

"I would recommend that color blind users (or others, for that matter) also consider changing the browser.identity.ssl_domain_display pref in about:config. Changing this from 0 to 1 causes the verified domain to be displayed in the button for basic-identification sites."

To do this, first enter "about:config" in the address bar (without the quotes), then click on the all-too cutesy "I'll be careful I promise" button.


Next, in the Filter box, type "browser.id". That should leave your browser looking like the below:


Double click on browser.identity.ssl_domain_display and change the default of zero to 1.


Click OK and you're done. There is no need to restart Firefox, you'll see the new expanded blue site id button the next time you view an HTTPS page. I verified this in Windows XP, 2000, Vista and Ubuntu Linux 8.04. It should work in Macs too.

After

Before

Combining Tips

Finally, if you read my earlier postings about restoring color (either yellow or green) to the address bar for encrypted HTTPS pages, then the end result is shown below.

Windows Vista

Ubuntu 8.04

There is no missing the fact that this page is encrypted.

See a summary of all my Defensive Computing postings.

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
Topics:

Software,

FYI

Tags:

Firefox

Share:
Digg
Del.icio.us
Reddit
Recent posts from Defensive Computing
Fixing bugs in the Flash Player yet again
Getting more battery power for your computer
Get an MSI Wind Netbook for only $349
Not interested in a Netbook computer? Consider the Honda Fit
Beware emails linking to blogspot.com
When Word documents break
More about printer ink rip-offs
Some computers are too important to be networked
Related
Mozilla pushes back Firefox 3.6, 4.0 deadlines
Get started with essential Chrome extensions
The 10 best new Firefox add-ons of 2009
Firefox note-taking add-ons are Web supersavers
Little Firefox add-on makes simple macros
Trend Micro forecasts future threats
PicScout expands catalog; adds Ito as adviser
Three more ways to slice and dice the Web
Add a Comment (Log in or register)
by chukkynze February 15, 2009 1:00 PM PST
Is it possible to combine these two tweaks into a Firefox plugin that can be downloaded by FF3 users ie customers of an adversely affected website? Ever since the switch from ff2 to FF3, my firefox side traffic has slightly slacked off.
Reply to this comment
by BONEMEAL July 20, 2009 1:17 PM PDT
Thanks for the explanation....I was wondering why these green bars in the favicon area were popping up, and now I know why. I do like the extra visual representation, just another plus for FireFox.
Reply to this comment
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Defensive Computing

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He views Defensive Computing as taking steps, when things are running well, to avoid or minimize the inevitable problems down the road. It's about educating yourself to the level where you can make your own intelligent decisions about keeping your computers and data happy and healthy. If you depend on computers, yet are on your own, without an IT department or nearby nerd, this blog's for you. His personal web site is michaelhorowitz.com.

He is a member of the CNET Blog Network and is not an employee of CNET.

Disclosure.

Add this feed to your online news reader

Defensive Computing topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET