This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

The Site Identity Button for my bank changed from Green Lock to Grey Triangle.

  • 4 svar
  • 3 har dette problemet
  • 4 views
  • Siste svar av philipp

more options

I manage my banking account on a daily basis online. The Site Identity Button for this site, today, was grey triangle. Prior to that the green lock had been in place. Information indicates " CONNECTION PARTIALLY ENCRYPTED: Technical Details: Part of this page. . . were not encrypted or the encryption is not strong enough before being transmitted over the internet.

Information sent over the internet without encryption can be seen by other people while it is in transit."

I called the bank to inquire why this should happen. They indicated it is a browser setting.

Why is this happening all of the sudden. I have made no changes to the protection set-ups etc. I checked and Firefox is up-to-date.

Thank you.

I manage my banking account on a daily basis online. The Site Identity Button for this site, today, was grey triangle. Prior to that the green lock had been in place. Information indicates " CONNECTION PARTIALLY ENCRYPTED: Technical Details: Part of this page. . . were not encrypted or the encryption is not strong enough before being transmitted over the internet. Information sent over the internet without encryption can be seen by other people while it is in transit." I called the bank to inquire why this should happen. They indicated it is a browser setting. Why is this happening all of the sudden. I have made no changes to the protection set-ups etc. I checked and Firefox is up-to-date. Thank you.

All Replies (4)

more options

hi Pegyk707, there will be a reason why firefox is showing a warning on a https-site. what's the web address of the page in question?

more options

Hi Pegyk707, Let's see if we can find out some more and see what causes this.

Are any of these warnings seen on parts of the banks website that are public and do not need you to login ? If so please provide links. Such pages may not need high security, but at least we will be able to see the problem.

Do not give personal or confidential information, this is a public forum but what is the name and address of the bank and its website ?

Firefox is increasing security in line with the latest guidelines, and there is a possibility that at least parts your Bank's website is not yet fully updated.

I am aware of your other post https://support.mozilla.org/en-US/forums/contributors/711111?last=64439#post-64439

This may require some coordination between Mozilla & your Bank, so knowing which Bank it is is an essential first step.


Background technical information.

https://developer.mozilla.org/en-US/Firefox/Releases/36/ Site_Compatibility There is a document for site owners, and possibly this is relevant:

  • https://developer.mozilla.org/en-US/Firefox/Releases/36/Site_Compatibility#RC4_support_has_been_deprecated
    Security
    RC4 support has been deprecated
    Bug 947149 – Connection information claims RC4 is "high grade"
    Bug 999544 – RC4 Considered Harmful: Proposal to disable use of RC4 completely
    Bug 1088915 – Stop offering RC4 in the first handshakes
    Bug 1093595 – Treat SSL3 and RC4 as broken
    The RC4 cipher suites are now considered insecure. RC4 is no longer offered in the first TLS handshakes, and the security UI in Firefox no longer calls it "high-grade encryption" but rather would say "encryption is not strong enough". The RC4 support will completely be removed from Mozilla products in the near future. Webmasters should upgrade their servers as soon as possible to utlize stronger cipher suites.

There was also a security blog, again aimed at site owners, which again could be relevant

more options

Pegyk707 said

I manage my banking account on a daily basis online. The Site Identity Button for this site, today, was grey triangle. Prior to that the green lock had been in place. Information indicates " CONNECTION PARTIALLY ENCRYPTED: Technical Details: Part of this page. . . were not encrypted or the encryption is not strong enough before being transmitted over the internet. Information sent over the internet without encryption can be seen by other people while it is in transit." I called the bank to inquire why this should happen. They indicated it is a browser setting. Why is this happening all of the sudden. I have made no changes to the protection set-ups etc. I checked and Firefox is up-to-date. Thank you.

https://www.bankofthewest.com/

more options

thanks, as john 99 already suspected this is no bug in the browser - your site only offers weak TLS_RSA_WITH_RC4_128_SHA encryption making use of the RC4 cipher suite which is considered broken and no longer trustworthy. according to this recent proposal browsers have to stop supporting RC4: https://tools.ietf.org/html/rfc7465

starting with firefox 38, the browser will show the error message and block access to affected sites, so please contact the webmasters of your banka again and inform them about this issue...