Question about my new banking website

Post #252,823 by Yendor 4/20/06 5:17:47 PM Reply	Question about my new banking website So, when I moved up to Chicagoland from Texas 8 years ago, I signed up for an account with First Chicago Bank. A few years back, Bank One gobbled them up. One or two years ago, JPMorganChaseManhattanAndOtherLongNamesHere bought out Bank One. As of the end of March, my former bank website, [link\|https://www.bankone.com/\|https://www.bankone.com/] has now become [link\|http://www.chase.com/\|http://www.chase.com/] . Note the difference in the security of the two URLs. In fact, when I type in "[link\|https://www.chase.com/\|https://www.chase.com/]" into my browser, I am automatically redirected to "[link\|http://www.chase.com/\|http://www.chase.com/]". I get no choice to stay on the secure server. On this front page, I am prompted for my Username and Password. According to View Source, the <form action> for this login prompt is "[link\|https://chaseonline.chase.com/siteminderagent/forms/formpost.fcc\|https://chaseonline....orms/formpost.fcc]". So my question is... The URL of the page I'm at is "http" -- insecure. When I submit my username/password on an insecure page to a form whose action is "https", is the username/password sent in cleartext, or is the fact that the action goes to a secure server enough that the browser encrypts it prior to any traffic leaving my laptop? -YendorMike "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, 1759 Historical Review of Pennsylvania
Post #252,824 by broomberg 4/20/06 5:48:48 PM Reply	It's secure When it calls https to hand the info over, it encrypts it. The only "non-secure" portion is the fact someone can see the empty login screen that they presented to you.
Post #252,825 by altmann 4/20/06 6:22:11 PM Reply	Our bank's site does something similar The main page is http: but they have an embedded iframe that loads the login form from https: and submits via the same. When they first did this it worried the fsck out of me. It breaks the "look for the gold key" UI of the browser for one. It was noticing that iframe loading slower than the rest of the page that first clued me in to what was going on. I imagine they're doing it to keep the load on main page down for those not logging in. -- Chris Altmann
Post #253,096 by lincoln 4/23/06 11:58:28 AM Reply	You missed one So, when I moved up to Chicagoland from Texas 8 years ago, I signed up for an account with First Chicago Bank. A few years back, Bank One gobbled them up. One or two years ago, JPMorganChaseManhattanAndOtherLongNamesHere bought out Bank One. First National Bank of Chicago was acquired by NBD Corp, the latest version of National Bank of Detroit, before you moved to Chicagoland. Then in the late 1990s Bank One of Ohio bought NBD Corp. Now you've got JP Morgan Chase swallowing Bank One. I can't wait to see who eats JP Morgan Chase in a few years. lincoln "Chicago to my mind was the only place to be. ... I above all liked the city because it was filled with people all a-bustle, and the clatter of hooves and carriages, and with delivery wagons and drays and peddlers and the boom and clank of freight trains. And when those black clouds came sailing in from the west, pouring thunderstorms upon us so that you couldn't hear the cries or curses of humankind, I liked that best of all. Chicago could stand up to the worst God had to offer. I understood why it was built--a place for trade, of course, with railroads and ships and so on, but mostly to give all of us a magnitude of defiance that is not provided by one house on the plains. And the plains is where those storms come from." -- E.L. Doctorow Never apply a Star Trek solution to a Babylon 5 problem. I am not merely a "consumer" or a "taxpayer". I am a *Citizen* of the United States. [link\|mailto:bconnors@ev1.net\|contact me]
Post #253,135 by a6l6e6x 4/23/06 5:33:42 PM Reply	Re: who eats JP Morgan Chase in a few years? Not a very likely event. Current [link\|http://finance.yahoo.com/q/ks?s=JPM\|capitalization is $146 Billion]. Ex-stockholder 'R us. :) Just for a trade. Alex When fascism comes to America, it'll be wrapped in a flag and carrying a cross. -- Sinclair Lewis

Welcome to IWETHEY!