Having issues with xfinity home page and email. The address bar for my.xfinity.com home page is unsecure when initially loading. Refreshing the page changes the status to secure, but inevitably over time reverts back to an unsecured status. Xfinity email does the opposite. Email is secure upon initial load, but as soon as i click on on an email, "not secure" appears in the address bar.
The above two situations occurs on multiple devices, multiple browsers (google chrome, firefox -etc). Called comcast to no avail.
Appreciate any help!
Solved! Go to Solution.
If the web address begins with "http:", you can try changing it to "https:". If the address already begins with "https:", there isn't much you can do except report the problem to the site's webmaster. The cause can be an "http:" image on a "https:" page, or other, weirder, html or security certificate problems.
For more information try a [browser name] "not secure" Google search. Here's an example for the Chrome browser: https://www.google.com/search?q=chrome+"not+secure".
Xfinity home & email web pages do begin with "https", but they also have a "not secure" indicator preceding them. Certificate seems to be valid.
Refreshing the page (both xfinity home and email) will secure page content, but it reverts back to "not secure"over time.
The above happens on multiple browsers (chrome, firefox - etc) and all devices.
Spoke with xfinity who claims it is a problem with our modem or router, but issue occurs when on a different networks (ie at work).
Logging into other websites does not appear to be an issue. Websites are shown to be secure. The problem appears to be just with xfinity.
Concerned with security of my email. Please advise.
the secure encryption applies when entering secure information like passwords, credit card information, etc. This is due to you opening a data transfer channel of authentication to the server so you can authenticate or approve a payment. So be assured that when you enter your password to the login page or enter any sensitive information - the communication of that data from your computer to the server is protected(HTTPS).
Once you are already in your email, it becomes unencrypted at the browser level because all of the data is stored and encrypted on the server - you are just using a user interface to interact with it. This allows end users like yourself to use any third party extensions and/or services like spellcheckers or email extensions to modify your viewing/drafting experience. Essentially, majority of the data that could be deemed sensitive is stored server side which has its own encryption and protection.
Think of it like using a key to open a lock to get into a room through a door. Once you're on the other side and lock the door behind you, you are already safe and dont need to keep the key in your hand anymore, put it back in your pocket.
It seems that in some cases, content from your messages (images, etc) may be loading over HTTP, lacking the use of SSL. In these cases, the communication with our email systems is still protected by SSL, but those external items are not. In this case, your browser will recognize that there are "mixed content" items. The browser shows the page as Unsecured because not all items being displayed are secure. Your email itself is still safe and secure.
No, VPN usage will not affect this differently.