Reply
New Visitor
Posts: 1
Registered: ‎02-06-2006

email Security Change

chat id : professional-7d1a-4356-9291-522b255624cf
Problem : Comcast.net Site/Content not displayed properly/Other
Migdanah > Thank you for contacting Comcast HSI Customer Support. My name is Migdanah. How can I assist you? May I ask whom I am chatting with?
Tom > What happened to Mail selection on left tool bar which would allow secure logins: https:// ?
Migdanah > Please explain what you are speaking of
Migdanah > Do you mean for the email?
Tom > On the left tool bar down the left side of the home page there was a Mail selection item that has now been replaced with Messaging. When the Mail login was used up to yesterday the login would become secure: https://www.etc.
Migdanah > There was an update to the website the email icon at the top of the page work the same.
Migdanah > Click on the icon at the top of the page and you will get to the mailcenter.
Tom > When logging in when traveling I want to know my id and password encrypted. The Mail at top isn't secure where the other button was; try it.
Migdanah > If you do click on messaging and it will bring up an option for webmail and that will bring up the secure mail.
Migdanah > Try it.
Tom > So now I have to go thru multiple steps to secure my email rather one step - That is a step backward
Migdanah > I apologize for the inconvenience.
Tom > When can the top Mail button be fixed making it secure?
Migdanah > There has been a change to the site. I can put in a suggestion for you stating that you want the icon to be secure also.
Migdanah > If we get enough suggestions from other about the same thing then it will be something that we will look into.
Tom > Thank you this is a serious issue in today's environment
Migdanah > Thank you for choosing Comcast as your ISP and have a great day! Should you have additional questions, please feel free to chat back with one of our Online Customer Support Specialists 24 hours a day, 7 days a week.
Migdanah > Analyst has closed chat and left the room
Email Expert
Posts: 18,241
Registered: ‎04-27-2004

Re: email Security Change

Even though the page containing the form is accessed using an http:// URL, when you submit the form with your password it's sent using https://. If you view the source of the page you can find the section for the username/password, and you'll see that the action= URL is https://.

In general, there's no way to tell without looking at the page source whether the form will be submitted securely or not. The lock icon tells you how the page you're looking at was downloaded, not how the form you're going to submit will be done (there can be multiple forms on a page, with different settings for each -- for instance, the "Search" bar is not secure while the login form is).
Most Valued Poster
Jason1
Posts: 6,572
Registered: ‎02-17-2004

Re: email Security Change

Anon1578595,

Here is the official response to why the Comcast sign-in may appear to be un-secure - but in fact, it is a secure sign-in:

Information is first captured from you by your browser using an HTML form. You can view this form by clicking View -> Page Source in your browser menu bar and then searching for the word "form". You will notice that this form's action is posted using HTTPS or SSL to https://webauth.comcast.net/auth/login.

After your user name and password are received across this secure connection, you are then passed back to a non-secure page since we do not again pass any secure information. If you enter an area that does pass secure information such as webmail or account management, the connection will again utilize SSL..

We are striving to make your experience as responsive as possible. This is why we do not pass all information across SSL, only that which needs to be secure.

Comcast is also a TRUST-e approved Web site https://www.truste.org/ivalidate.php?url=www.comcast.net. TRUST-e regularly reviews Comcast Security procedures and policies to ensure that "The security procedures that are in place to protect the loss, misuse or alteration of information under Comcast Cable Communications, Inc. control."
Most Valued Poster
Most Valued Poster
Posts: 1,932
Registered: ‎01-01-2005

Re: email Security Change

>snip<
> Comcast is also a TRUST-e approved Web site
> https://www.truste.org/ivalidate.php?url=www.comcast.n
> et. TRUST-e regularly reviews Comcast Security
> procedures and policies to ensure that "The security
> procedures that are in place to protect the loss,
> misuse or alteration of information under Comcast
> Cable Communications, Inc. control."


How often is "regularly reviews"? Do you
happen to know, Jason? I don't see a date
on the Validated Privacy Statement at the
truste.org url ...

Sj