What’s a Secure Certificate?

Why do I need a secure certificate?

I don’t know how else to start this off, so I’ll keep it simple: if your website has a login, you need a secure certificate.

Which has you asking, “what the heck is that?”.

Think of it like a lock that keeps people out of your house. It may not stop someone with a lockpick who knows what they are doing (very rare), but it means you aren’t leaving the front door unlocked for anyone that wanders by testing for unlocked front doors.

A secure certificate is used to create something called a Secure Socket Layer, or SSL. Maybe SSL sounds familiar? You may have seen SSL in action and didn’t know there was a word for it.

Look at your address bar. See this?

The only real difference is the “s” at the end of “http”. So instead of “http”, we now have “https”, which means the page is now using SSL (Secure Socket Layer).

Sometimes, you’ll see a picture of a padlock, or the color green and a padlock, as above. What you see varies from one browser to another.

This means that information you send online is not out in the open, unencrypted, for anyone to see.

This is important when you log into your site, Facebook, your bank account, or any other site that has something you don’t want to share. SSL is very important for online shopping too. You’ll want to see the https and/or lock on any site before you enter your banking information.

Did you know there are scripts you can download that let you view people’s userids and passwords when they are unencrypted? You can find one, go to a coffee shop or airport where there is free (unencrypted) wifi and watch it go.

You may say to yourself, “but I only log in at home or in the office, so I’m safe”.

Nope.

I live in a home and I can see several neighbors’ wireless networks from my own computers. You probably can too. You definitely can if you live in an apartment. In an office building, there is still a chance that’s an issue. Not using WiFi? That doesn’t mean you’re safe either.

Secure your blog, shopping cart, wiki, forum, and whatever else you log into with SSL. Even if you sell products and have a 3rd party process the banking information (and so they provide the security) it’s still a good idea to have this as an added layer of security. This added layer of security means that when you log into your site, it’s a lot harder for someone to swipe your
administrative password and deface your site or steal customer information.

You can buy secure certificates from me or you can buy them from someone else, but just get one and get it installed. These have become so important that we’ve recently introduced them into our web design and development, and website maintenance contracts. Our contracts state that you’ll have one, whether from us or another company, but you will have one and have it correctly installed.

NOTE: When buying your certificate, it is important that you register it under either www.yourdomain.com or just yourdomain.com. Take a look at your bookmark of your site. Is it with or without the www? If you’re still not sure what to get, clients are welcome to contact us and just ask.