HTTPS security warning popup repeats itself

Topic

New Reply

Recently I installed IE9 and did not like how it behaved (didn’t like Facebook and so many other website that would not allow content to run), so I uninstalled and reverted to IE8. Now however, especially when trying to connect to my bank using “InPrivate Browsing” I keep getting a pop up:

“Do you want to view only the webpage content that was delivered securely?

This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage.

YES – NO”

It does not matter if I select yes or no, the pop up keeps occurring!

As an example, it occurs so often that my bank decided that I was trying to hack into my own account and had me call them to reset my password and verify that it was actually me trying to log in.

So I did all that and tried to log in again and keep getting the same pop-up.

Rather than go through the entire debacle of calling the bank yet again, I decided to try Google Chrome instead. Using their Incognito for private browsing I was able to log on to my bank and conduct my business.

I would switch back to IE8 or IE9 if I could figure out how to disable this pop up. I have set my banks page to trusted but it doesn’t seem to help.

Any suggestions on how I can disable this pop up?

brat352

Reply | Quote

Replies

Personally I woud go back to I.E 9, but that is just my $.02 worth. In I.E. 9 and I.E. 8as well, you might try putting the sight into your trusted sites.

Reply | Quote

That warning occurs whenever there is a link to a non https page embedded in the https page. As it happens on your bank site it may bean add-in doing odd things – I would expect your bank site to only serve https content.
Try connecting to SourceForge via this link and see if the message pops up. If so it’s something in Internet Explorer doing bad things.

cheers, Paul

Reply | Quote

If allowed to choose between using Internet Explorer or Google Chrome for online Banking, I would choose Chrome every time. Just from a security point of view, most Banking Password stealing Trojan horses work almost exclusively on IE, and fail to do their dirty work inside of Chrome. And that’s just one of many benefits of Chrome over IE from a security perspective.

But if you are more comfortable with IE, that warning should not be causing banking log-ons to fail. Something else may be going on here.

If you don’t want the warning popup to appear (not recommended for most sites), go to IE Internet Options, Security Tab, and select Custom Level. (I would do this only for your Trusted Zone.) Scroll down to “Miscellaneous”, then to “Display Mixed Content” and change the check mark from Prompt to Enable. Don’t adjust this setting for your Internet Zone.

By the way, once you are logged in (from a totally secured web page), it does not matter that the redirect is to a page with mixed content. You are still secure in most cases. Just as long as the Padlock is in the browser location bar and that area is green. If not, I would call the bank and ask them to make their site more secure. At least then you have done your due diligence.

-- rc primak

Reply | Quote

I will assume here that your bank’s web site is in the Internet Security Zone. If you added the web site to another security zone, modify that security zone.

In IE, go to
Tools | Internet Options
Go to to SECURITY TAB
The default zone selected is Internet
Click on Custom Level
Scroll to the “Miscelaneous” section
Find “Display Mixed Content”
Change it to Enabled or Disabled
OK out of the panel
Close and re-open IE

Note on choices:
Enable will allow all information to be displayed in the web page.
Disable will allow only SECURE information to be displayed. (safer but may block important information.)

My suggestion is to complain loudly to the bank to not place unsecure content in their secure web pages. It is a security risk!

Reply | Quote

I will assume here that your bank’s web site is in the Internet Security Zone. If you added the web site to another security zone, modify that security zone.

In IE, go to
Tools | Internet Options
Go to to SECURITY TAB
The default zone selected is Internet
Click on Custom Level
Scroll to the “Miscelaneous” section
Find “Display Mixed Content”
Change it to Enabled or Disabled
OK out of the panel
Close and re-open IE

Note on choices:
Enable will allow all information to be displayed in the web page.
Disable will allow only SECURE information to be displayed. (safer but may block important information.)

My suggestion is to complain loudly to the bank to not place unsecure content in their secure web pages. It is a security risk!

That’s another good way to do the same thing essentially.

My best advice for avoiding having to roll back a new browser version — wait for the raves, rants and howls of agony to die down. Then upgrade. This has worked for me since the IE5 to IE6 upgrade. Never had to roll back.

Now Firefox is a different matter… :rolleyes:

-- rc primak

Reply | Quote

Oh, one thing Microsoft does not mention is that though their IE upgrades have an “uninstall feature” the uninstall does not return the system to its previous state. Each makes system level changes when installed that the uninstall does not back out! The only true uninstall is a restore or reload.

Reply | Quote