Closed
Bug 624064
Opened 14 years ago
Closed 7 years ago
When Firefox asks user to save password, the icon may be confused for a security certificate verified icon.
Categories
(Firefox :: Security, defect)
Firefox
Security
Tracking
()
RESOLVED
INVALID
People
(Reporter: strugee, Unassigned)
References
()
Details
(Keywords: ux-userfeedback)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b8) Gecko/20100101 Firefox/4.0b8 Build Identifier: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b8) Gecko/20100101 Firefox/4.0b8 When you log in to any web site or service (that doesn't use a non-native platform like Flash), Firefox displays a key icon next to the favicon, asking you if you want to save the login info. This is normal. However, the problem lies in the fact that the user may confuse this as an icon indicating the security level of the website itself, like whether the connection is encrypted, website has a valid certificate, etc. Reproducible: Always Steps to Reproduce: 1. Go to any website that requires you to login, like gmail.com. 2. Login. 3. Notice the key icon next to the favicon. It looks just like a security indicator, doesn't it? Actual Results: The key icon may be mistaken for a webpage security indicator. Expected Results: The key icon should be mistaken for a webpage security indicator.
That's a valid concern, requesting user experience feedback.
If the connection is encrypted, the color of favicon's zone changes. Blue if the owner is unknow, green if the owner is know ;).
Reporter | ||
Comment 3•13 years ago
|
||
(In reply to Joël Tang from comment #2) > If the connection is encrypted, the color of favicon's zone changes. Blue if > the owner is unknow, green if the owner is know ;). I realize that, but the average user may not.
Reporter | ||
Comment 4•12 years ago
|
||
With the new identity block, is this bug still NEW or is it WONTFIX? It's been here for a while.
Comment 5•12 years ago
|
||
With the new design, it is worse because the icon and background for the password manager looks more like the icon and background for the lock icon.
Reporter | ||
Comment 6•7 years ago
|
||
I'm thinking this is INVALID now - the indicators have changed significantly since this was reported. The lock icon is now green even for non-EV certs and HTTP is starting to be labeled insecure (whoo!). Given that, plus the fact that nothing significant has happened on this bug since the original report, I'm closing.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•