Menu
Is free
registration
home  /  Advice/ This connection is not secure - how to disable this sign in Firefox. How to create and remember a strong password Insecure password warning in firefox

This connection is not secure - how to disable this sign in Firefox. How to create and remember a strong password Insecure password warning in firefox

Today, the issue of creating a secure password has become very relevant. In this case, it is necessary to adhere to certain rules of principles, as well as know how to store passwords correctly, which will reduce the likelihood of their theft and penetration into user accounts.

Generating passwords

To date, when creating any account on the Internet, you need to come up with a password, while the resource can suggest the reliability of the generated code. Typically, this indicator checks the length of the password and the presence of unique characters such as numbers or capital letters in it.

Despite the fact that this is one of the main parameters of password strength, but no matter how hard it seems to be resistant to hacking, it may not always be so. For example, users rarely use unique passwords that include Special symbols and numbers. However, even unique passwords, but not big amount characters can be quickly cracked by guessing, since they can be in the databases of fraudsters.

In this case the best option will apply the password generator. On the Internet, you can find both online services and password managers for installation on a computer. With these utilities, you can get long passwords in which special characters will be present.

Often, a password that consists of more than ten characters is not so attractive to a fraudster, since it will take much more time to crack it, which will not be very profitable.

The disadvantage of this method is the fact that it is quite difficult to remember such passwords, and if there is more than one such password, then it is generally unrealistic. If you need to remember the password, you can use another method. It is worth noting that a password with 10 special characters and capital letters can be cracked much faster than a code consisting of 20 uppercase Latin letters. Even scammers know this.

It turns out that the password, which will contain several simple English words in random order, can be easily remembered, but it is unrealistic to crack it. In addition, if you write each word with a capital letter, then you can be sure that it will never be hacked.

It is worth noting that when writing a password in the Latin layout, but in random Russian words, you can, in general, not worry about breaking the password, since no methods will be able to cope with it.

There is no specific approach to creating passwords. Each method has its own advantages and disadvantages, but it is still worth adhering to the basic principles of building code.

The password must be long enough. It must contain a minimum of eight characters. But sometimes this is not enough if you need to have a sufficiently strong password. In addition, the password must contain special characters, uppercase letters and numbers.

It is not recommended to use personal data for a password, even if it is written in a clever way. There should be no dates, names and surnames. For example, a password that contains a date, from the creation of the calendar to today, can be cracked in a short time.

If you need to check the strength of your password, you can use special services. But there is also one nuance here. If the address of such a service does not include https at the beginning, then it is better not to contact it, since it can also be hacked by intruders. In this case, you can enter a similar one with the same number of characters, which will make it possible to understand the reliability of the original.

When you enter a password on such resources, the entropy for the specified code is calculated and a reliability report is issued. If the entropy value is more than 60, then it is almost impossible to hack it even with targeted selection.

Using the same passwords for different accounts

If you have a fairly strong password, but it is used on all accounts on the Internet, the level of its reliability drops significantly. In this case, if hackers break into one of the sites where this password is used, the scammers will gain access to it and immediately try it on other popular public services or even online banking.

For many users it is not very convenient and rather difficult to have unique passwords, however, it is extremely necessary to do if the accounts contain important information... But if the account does not contain important data and is not particularly valuable, then you can use simpler passwords.

Two-factor authentication

It is worth noting that even strong passwords cannot guarantee complete safety, and the fact that no one can log into the account. The password can be trite stolen or unobtrusively learned from the user. Almost all powerful online services more recently, they have provided the ability to use two-factor authentication on accounts. If you need to protect your account, it is highly recommended to use it.

The principle of operation of such authentication is not very different on different services, so everything happens in almost the same way. When visiting an account from an unknown device, after entering the correct password, additional verification is required.

For this, a code from SMS can be used or special application on a mobile device. In addition, pre-printed codes, electronic or hardware keys can be used. This means that when the password is cracked, the fraudster will not get into the account, if he does not have the user's smartphone, his e-mail or something else at his disposal.

If you need to know more about two factor authentication, you can search the Internet for articles on this topic. You can also read the instructions for use on the services themselves, where it is already used.

Storing passwords

It is very correct to have a separate unique password for each account, but there are inconveniences in their storage. Remembering a large number of unique passwords is difficult. We do not recommend storing passwords in a web browser, as they can easily be taken over by intruders, moreover, they can be lost if the operating system suddenly crashes or if synchronization is disabled.

The most suitable option in this case is to use a password manager.
These applications are designed to store secret passwords in an encrypted vault. Access to such a repository is performed using a single password. You can also apply two-step authentication... In addition, most of these applications have a password generator and are able to assess the strength of passwords.

Many users actively use without access to the Internet, which are designed to store passwords on a PC. Another part of users work with applications with a large number of functions, among which there is synchronization.

Popular programs provide fairly secure and reliable storage of passwords. But in the process of using them, it is necessary to take into account some of the nuances. To enter the program, you must use one master password. In addition, if the vault is compromised, you will need to immediately change all of your passwords.

In addition, you can store passwords in notebook by locking it in a safe, to which only one person has access, however, with their constant use, this is not very convenient. In addition, you can use an offline database, which must be stored on a third-party drive and, moreover, with a duplicate of them in case of loss.

The most suitable option in this case from all of the above is this approach. Everything important passwords must be kept in the head or written on a piece of paper and placed in a secure place. Those passwords that are not particularly important can be stored in password managers.

Additional Information

After reading this article, you can highlight those points to which you should pay special attention. If you follow simple logic and understand the principles of constructing passwords, you can independently make decisions about the security of a particular password. Still, it's better to stick to certain rules.

You cannot use the same password for different accounts. Also, passwords shouldn't be lightweight. You can increase the difficulty level by increasing the password length. The most
The best option is a password with a number of characters from 10 to 20.

In addition, it is not recommended to use personal data in passwords. Also, do not use personal information in hints and control questions. It is recommended that you use 2-Step Verification whenever possible.
In addition, you need to find a suitable option for securely storing passwords.

You also need to protect yourself from phishing. This requires checking resource addresses and encryption. In addition, when prompted to enter a password, you need to make sure that the input is carried out on the desired site. You also need to clean your computer from malware.

In addition, it is not recommended to use passwords on third-party PCs, public networks in the absence of encryption of the connection. If you have to use someone else's computer, then you should use anonymous mode or type passwords from the keyboard on the screen.

In addition, it is better not to store passwords that are of particular importance on a computer or on the network. Some that are used daily, it is desirable to remember, the rest to write down and store in a protected place.

Nowadays, it is quite difficult to find a person who would not use the Internet.

Many users spend quite a lot of time on its open spaces. Therefore, more than ever in demand.

But what to do if all plans are violated by a warning that suddenly appears your connection is not secure.

In this article, we will look at why given error in different browsers and what to do if it appears.

Content:

The first step is to consider the occurrence of this problem during use.

The meaning of such a message

Often this message appears when visiting secure sites. Such sites, when interacting with the FireFox browser, use a special encryption method - #encryption. This is done in order to exclude the possibility of viewing the transmitted information by intruders.

To understand that you are visiting exactly such a site, pay attention to the line displaying the address of the page you are visiting. In the status line ( #status_Bar) a secure site will display a closed padlock icon. It will also be displayed in the address bar ( #lokation_bar).

In addition, the browser will display and Domain name site in the status bar, highlighted in yellow. This is necessary so that the user cannot be misled with the purpose.

Such sites may contain not only protected information, but also unprotected information to which everyone has free access.

If the site's information is unprotected, FireFox will display a lock icon crossed out by an oblique line in the status bar. The domain name will also be missing in the address bar and status bar. If you pay attention to such information, you can immediately understand that the site you are visiting has partial protection.

To solve it, you will need to reinstall the antivirus or disable interception of protected connections in its settings.

For example, if you are using to protect the system - open "Settings" and go to the tab "Active protection".

There you need to click on the "Configure" button located next to the web shield.

In the window that opens, uncheck the selection box from the line "Enable HTTPS Scanning"... In conclusion, it is necessary to confirm the changes in the settings by clicking on the "Ok" button.

If you are using a product such as - you will need to follow these steps:

  • open a window with antivirus settings;
  • in the lower left part of this window, click on the "Settings" button;
  • use item "Additionally" to go to the "Network" tab;
  • deselect the menu bar "Scan encrypted connections";
  • tick the parameter "Do not scan encrypted connections";
  • confirm the changes by clicking the "OK" button.

It is not difficult to find the information you need for other antivirus products on the Internet.

Lack of trust in the certificate your browser can display not only on little-known sites, but also on such giants as Google. Most often, owners may encounter this. This is because the Microsoft Family settings found in user accounts are activated.

The next step is to delete all existing family members using the function "Remove from family" on the advanced options tab.

In conclusion, you should also leave the family yourself, using the parameter of the same name.

The fourth mistake

It lies in the lack of trust in the certificate, since the latter is self-signed.

These types of certificates are designed to protect against eavesdropping, but do not provide any information about the recipient.

Most often, non-public sites use this, so you can easily bypass this warning.

Fifth mistake

It consists in the fact that the certificate provided to you belongs to a completely different Internet resource.

This problem occurs quite often and primarily due to the fact that the issued certificate is valid for one part of the visited site.

For example, you visited https: /example.com and received a warning about a similar error, and a certificate was issued for https: / www example.com. If you go to the last one, no warnings will appear.

Certificate store

The appearance of such messages can also occur due to file corruption cert9.db that stores all your certificates.

In this case, without opening FireFox, delete the above file so that it will be restored the next time you start it.

To do this, follow these steps:

  • open the menu and select the "Help" item;
  • go to tab "Information for problem solving";
  • open the profile folder located in the section "Application Information";
  • open the menu again and select "Exit";
  • highlight the file db and remove it;
  • restart your browser.

When is it possible to ignore warnings?

This option is suitable if you are confident in the reliability of the resource.

However, even in this case, you are not insured against eavesdropping and interception of confidential data by unauthorized persons.

If you nevertheless decide to ignore the warning that appears, follow a few simple steps.

On a page with a similar warning, use the button "Additionally".

If the browser connects to a site with weak encryption, load it using the outdated security system. You will be provided with the possibility of such download. In the case of a resource whose certificate is unverified, add it to the exclusions.

Error reporting capability

There are quite a number of sites on the Internet that make it possible to report an error to your center.

To do this, check the box at the bottom of the issue record page, next to the line "Report bugs like this to help Mozilla and block malicious sites."

A warning about an unsecured connection appears in the browserChrome

The occurrence of problems with the certificates of certain sites opened by the Chrome browser is identical with FireFox and can be solved by similar methods.

The reasons for their occurrence should also include:

In the first case, to eliminate the error, you will need to correct the system date and time so that they match those set on the server. To do this, open the tab for time and date settings, and adjust them.

The appearance of a warning due to an unverified or outdated certificate most often occurs when you try to enter your personal account on a particular resource.

To get around this, click on the tab in the error display window "Additionally" and then use the button "Go to the site".

Blocking extensions are more related to the anti-virus program installed on the computer.

In order to correct this situation, you will need to open Chrome browser and go to the installed extensions tab.

Select your modules from the list of available ones and uncheck the checkbox.

After that, reopen your browser and try to go to the site.

This error may also be due to a crash in Chrome. A banal reinstallation of the browser can fix the situation.

To remove the faulty version, open the window "Programs and Features", select a title installed browser and click the "Delete" button.

After the application has been removed, restart your computer and re-run google installation Chrome.

In most cases, the insecure connection warning stops bothering you.

Conclusion

This article has come to an end, in which we examined the options for the appearance of a warning about the presence of an unsecured connection.

We hope that the available information will be useful to you and will help you in solving this error.

Your connection is not secure how to fix:

Most attackers don't bother with sophisticated password-stealing methods. They take easy-to-guess combinations. About 1% of all existing on this moment passwords can be brute-force in four attempts.

How is this possible? Very simple. You try the four most common combinations in the world: password, 123456, 12345678, qwerty. After such a passage, on average, 1% of all "chests" are opened.

Let's say you are among those 99% of users whose password is not so simple. Even so, the performance of modern software for hacking.

The free and freely available John the Ripper program verifies millions of passwords per second. Selected examples of specialized commercial software claim a capacity of 2.8 billion passwords per second.

Initially, cracking programs run a list of the statistically most common combinations, and then refer to the complete dictionary. Over time, users' password trends may change slightly, and these changes are factored in when such lists are updated.

Over time, all sorts of web services and applications decided to forcibly complicate passwords created by users. Requirements have been added, according to which the password must have a certain minimum length, contain numbers, upper case and special characters. Some services took this so seriously that it takes a really long and tedious task to come up with a password that the system would accept.

The key problem is that almost any user does not generate a truly brute-force password, but only tries to satisfy the system's requirements for the composition of the password to a minimum.

The result is passwords like password1, password123, Password, PaSsWoRd, password! and incredibly unpredictable [email protected]

Imagine you need to remake your spiderman password. Most likely it will look like $ pider_Man1. Original? Thousands of people will change it using the same or very similar algorithm.

If the cracker knows these minimum requirements, then the situation is only getting worse. It is for this reason that the imposed requirement to increase the complexity of passwords does not always provide the best, and often creates a false sense of increased security.

The easier the password is to remember, the more likely it is to end up in the dictionaries of cracking programs. In the end, it turns out that really strong password it is simply impossible to remember, which means that it is needed somewhere.

According to experts, even in our era digital technologies people can still rely on a piece of paper with passwords written on it. It is convenient to keep such a sheet in a place hidden from prying eyes, for example, in a wallet or wallet.

However, the password sheet does not solve the problem. Long passwords are difficult not only to remember, but also to enter. The situation is aggravated virtual keyboards mobile devices.

Interacting with dozens of services and sites, many users leave behind a string of identical passwords. They try to use the same password for every site, completely ignoring the risks.

In this case, some sites act as a nanny, forcing the combination to be complicated. As a result, the user simply cannot, how he had to modify his standard single password for this site.

The scale of the problem was fully realized in 2009. Then, due to a security hole, the hacker managed to steal the database of logins and passwords of RockYou.com, the company that publishes games on Facebook. The attacker placed the base in open access... In total, it contained 32.5 million entries with usernames and passwords to accounts. Leaks have happened before, but the scale of this particular event showed the whole picture.

The most popular password on RockYou.com was 123456, which was used by almost 291,000 people. Men under 30 more often preferred sexual themes and vulgarities. Older people of both sexes often turned to a particular area of ​​culture when choosing a password. For example, Epsilon793 doesn't seem like such a bad option, only this combination was in Star Trek. The seven-digit 8675309 appeared many times because this number appeared in one of the Tommy Tutone songs.

In fact, creating a strong password is a simple task, it is enough to compose a combination of random characters.

You cannot create a perfectly random combination in mathematical terms in your head, but you are not required to. There are special services that generate truly random combinations. For example, random.org can generate passwords like this:

  • mvAWzbvf;
  • 83cpzBgA;
  • tn6kDB4T;
  • 2T9UPPd4;
  • BLJbsf6r.

This is a simple and graceful solution, especially for those who use to store passwords.

Unfortunately, most users continue to use simple weak passwords, ignoring even the rule “ different passwords for each site ". For them, convenience is more important than safety.

Situations in which a password might be compromised can be divided into 3 broad categories:

  • Random, in which a person you know is trying to find out the password, relying on information he knows about you. Often, such a cracker only wants to play a joke, find out something about you, or make a mess.
  • Mass attacks when absolutely any user of certain services can become a victim. In this case, specialized software is used. For the attack, the least secure sites are selected, which allow you to repeatedly enter password options in a short period of time.
  • Purposeful that combine the receipt of hints (as in the first case) and the use of specialized software (as in a mass attack). This is about trying to get hold of really valuable information. Only a sufficiently long random password will help to protect yourself, the selection of which will take time comparable to the duration of yours.

As you can see, absolutely anyone can become a victim. Statements like “my password will not be stolen, because no one needs me” are not relevant, because you can get into a similar situation quite by accident, by coincidence, for no apparent reason.

It is worth taking even more seriously the protection of passwords for those who have valuable information, is associated with a business or is in conflict with someone on financial grounds (for example, division of property in the process of divorce, competition in business).

In 2009, Twitter (in the understanding of the entire service) was hacked only because the administrator used the word happiness as a password. The hacker picked it up and posted it on the Digital Gangster website, which led to the hijacking of the accounts of Obama, Britney Spears, Facebook and Fox News.

Acronyms

As in any other aspect of life, we always have to find a compromise between maximum safety and maximum convenience. How to find the middle ground? What strategy for generating passwords will allow you to create strong combinations that can be easily remembered?

At the moment, the best combination of reliability and convenience is converting a phrase or phrase into a password.

A set of words that you always remember is selected, and a combination of the first letters from each word is used as a password. For example, May the force be with you turns into Mtfbwy.

However, since the most famous ones will be used as the initial ones, programs will eventually receive these acronyms in their lists. In fact, the acronym contains only letters, and therefore is objectively less reliable than a random combination of characters.

To get rid of the first problem will help right choice phrases. Why turn a world famous expression into an acronym password? You probably remember some and statements that are relevant only among your close circle. Let's say you heard a very catchy phrase from a bartender at a local establishment. Use it.

Still, the acronym password you generated is unlikely to be unique. The problem with acronyms is that different phrases can be composed of words that start with the same letters and appear in the same sequence. Statistically, in various languages, there is an increased frequency of the appearance of certain letters as the beginning of a word. The programs will take these factors into account, and the effectiveness of the acronyms in the original version will be reduced.

Reverse way

The way out can be the opposite way of generation. You create a completely random password at random.org, and then turn its characters into a meaningful memorable phrase.

Often services and sites give users temporary passwords, representing those perfectly random combinations. You will want to change them, because you will not be able to remember, but you just take a closer look, and it becomes obvious: you do not need to remember the password. For example, let's take another option from random.org - RPM8t4ka.

Although it seems meaningless, our brain is able to find certain patterns and correspondences even in such chaos. To begin with, you can notice that the first three letters in it are uppercase, and the next three are lowercase. 8 is twice (in English twice - t) 4. Look a little at this password, and you will surely find your own associations with the proposed set of letters and numbers.

If you can memorize nonsense sets of words, then use that. Let the password turn into revolutions per minute 8 track 4 katty. Any conversion that your brain is better at will do.

A random password is the gold standard in informational. It is, by definition, better than any human-made password.

The disadvantage of acronyms is that over time, the spread of such a technique will reduce its effectiveness, and the reverse method will remain just as reliable, even if all people on earth have been using it for a thousand years.

A random password will not be included in the list of popular combinations, and an attacker using a mass attack method will only brute force such a password.

Let's take a simple random password that takes into account upper case and numbers - that's 62 possible characters for each position. If we make the password only 8 digits, then we get 62 ^ 8 = 218 trillion options.

Even if the number of attempts within a certain time interval is not limited, the most commercial specialized software with a capacity of 2.8 billion passwords per second will spend an average of 22 hours trying to find the right combination. To be sure, we add only 1 additional character to such a password - and it will take many years to crack it.

A random password is not invulnerable, as it can be stolen. The options are myriad, from reading keyboard input to having a camera on your shoulder.

A hacker can hit the service itself and get data directly from its servers. In this situation, nothing depends on the user.

One reliable foundation

So, we got to the main thing. What are the random password tactics to use in real life? From the point of view of balance and convenience, the "one strong password philosophy" will do well.

The principle is that you use the same basis - a super-strong password (its variations) on the services and sites that are most important to you.

Remember one long and difficult combination for everyone.

Nick Berry, Consultant information security, allows this principle to be applied, provided the password is very well protected.

The presence of malware on the computer from which you enter the password is not allowed. It is not allowed to use the same password for less important and entertaining sites - more will be enough for them. simple passwords, since hacking an account here will not entail any fatal consequences.

It is clear that the reliable base needs to be changed somehow for each site. As a simple option, you can add a single letter to the beginning, which ends the name of the site or service. If we go back to that random RPM8t4ka password, it will turn into kRPM8t4ka for Facebook authorization.

An attacker, seeing such a password, will not be able to understand how the password for your account is generated. Problems will begin if someone gains access to two or more of your passwords generated in this way.

Secret Question

Some hijackers ignore passwords altogether. They act on behalf of the account owner and simulate a situation where you forgot your password and want it on a secret issue. In this scenario, he can change the password at will, and the true owner will lose access to his account.

In 2008, someone got access to e-mail Sarah Palin, Governor of Alaska, and then also a presidential candidate. The burglar answered the secret question, which sounded like this: "Where did you meet your husband?"

After 4 years, Mitt Romney, who was also a US presidential candidate at the time, lost several of his accounts on various services... Someone answered a secret question about the name of Mitt Romney's pet.

You already guessed the point.

You cannot use public and easily guessed data as a secret question and answer.

The question is not even that this information can be carefully fished out on the Internet or from people close to you. Answers to questions in the style of "animal name", "favorite hockey team" and so on are perfectly selected from the corresponding dictionaries of popular options.

As a temporary option, you can use the tactic of the absurdity of the answer. To put it simply, the answer should have nothing to do with secret question... Mother's maiden name? Diphenhydramine. Pet name? 1991.

However, such a technique, if found widespread, will be taken into account in the corresponding programs. Absurd answers are often stereotyped, that is, some phrases will be encountered much more often than others.

In fact, there is nothing wrong with using real answers, you just need to choose the question wisely. If the question is non-standard, and the answer to it is known only to you and cannot be guessed after three attempts, then everything is in order. The advantage of being truthful is that you won't forget it over time.

PIN

Personal Identification Number (PIN) is a cheap lock that ours are entrusted with. Nobody bothers to create a more reliable combination of at least these four numbers.

Now stop. Right now. Right now, without reading the next paragraph, try to guess the most popular PIN. Ready?

Nick Berry estimates that 11% of the US population uses 1234 as their PIN (where they can change it themselves).

Hackers do not pay attention to PIN codes because the code is useless without the physical presence of the card (this can partly justify the small length of the code).

Berry took the list of four-digit passwords that appeared after the leaks on the network. The person using the 1967 password is likely to have chosen it for a reason. The second most popular PIN is 1111, and 6% of people prefer this code. In third place is 0000 (2%).

Suppose that a person who knows this information is in the hands of someone else. Three attempts to block the card. Simple math shows that this person has a 19% chance of guessing their PIN if they enter 1234, 1111, and 0000 in sequence.

Probably for this reason, the vast majority of banks assign PIN-codes to issued plastic cards yourself.

However, many people protect smartphones with a PIN code, and the following popularity rating applies here: 1234, 1111, 0000, 1212, 7777, 1004, 2000, 4444, 2222, 6969, 9999, 3333, 5555, 6666, 1313, 8888, 4321, 2001, 1010.

Often, the PIN represents a year (year of birth or historical date).

Many people like to make PINs in the form of repeating pairs of numbers (moreover, pairs where the first and second numbers differ by one are especially popular).

Numeric keypads of mobile devices display combinations like 2580 in the top - to type it, it is enough to make a direct passage from top to bottom in the center.

In Korea, the number 1004 is consonant with the word "angel", which makes this combination quite popular there.

Outcome

  1. Go to random.org and create 5-10 candidate passwords there.
  2. Choose a password that you can turn into a memorable phrase.
  3. Use this phrase to remember your password.

Warning “This connection is not secure. Logins entered here can be compromised " Firefox browser for some time now, it began to show on all sites whose authorization pages are not protected by the https protocol.

The idea is simple: the user receives a visual reminder that on a site without https, the data that he is going to enter into the pre-submitted form, and that he sends to strangers by pressing the Enter button (“ Login«, « To come in«, « Register now"Etc.) NOT PROTECTED .

Surely, such a warning in some cases will really save an inexperienced user from some rash actions. A person who has long been accustomed to behaving competently on the Internet may not like the new reminder.

Actually, anyone who knows what https is, and why it is needed, when needed, always just glances at the page address and / or the lock icon in the browser's address bar and will see the same thing that warns him about ... If the icon is red, it means that all data that is sent to the site is not encrypted and, therefore, can be read.

"This connection is not secure."

In addition, the new feature has a couple of not quite interesting features... First, it now disables the standard form autocomplete feature on unprotected sites.

Simply put, the Firefox password manager on such a site no longer works and you will need to log in manually. On new sites, i.e. at the first registration such a measure, of course, will not be superfluous. But on familiar sites, where you go for a long time and every day, every time you log in with "pens" - this is at least not convenient.

The second problem is not so critical, but still interfering. The fact is that if in the authorization form the standard fields "username" and "password" are arranged vertically, then the warning text in the upper field simply covers the entire lower field.

In theory, you can correct the situation with the Enter button, but this solution is not always suitable for the simple reason that the data already entered immediately strives to go to the address. Therefore, you have to click somewhere on the side to remove the sign. Which also gets boring very quickly.

How to disable "This connection is not secure" notification in Firefox

This is done as follows:

  • v address bar copy (or write) about: config and press Enter;
  • further in the search bar, copy security.insecure_field_warning.contextual.enabled and also press Enter;
  • double click - according to the appeared in the column “ Setting name»Line.

After that, in the column “ Meaning" instead of true (stands by default and means that the function is active) a new value will appear false , which will indicate that the function is disabled, and the mentioned warning will no longer be displayed.

However, in order so that on sites without https, form autocomplete will work again as before, there is one more change to be made to Firefox preferences. For this:

  • open the page again about: config ;
  • through the search bar we also find signon.autofillForms.http ;
  • and exactly the same double click change the value line by line from the default true to a new one false , that is, we will unblock the auto-complete function of forms on pages with http.

Includes both of the above functions in the same way: double click - and replace false on true.

Firefox, starting from version 52, for sites over an unsecured connection (http instead of https), instead of the saved data of the authorization form, login and password, displays a warning: “ This connection is not secure. Logins entered here can be compromised. More details»Now, by default, you cannot use auto-complete forms if the connection to the site is not secure. Disable it, as this is not always possible. For example, when there are many sites of the same type on the internal network beyond your control, or there is simply no way to transfer sites to HTTPS, or you are 100% sure that your connection to the site is secure.

To disable the warning, you must:

Ready! Now, when entering login and password on unsecured HTTP sites, it shows saved form data instead of intrusive security notification.

UPD. It may also come in handy:
Remove the crossed out lock in the address bar:

security.insecure_password.ui.enabled = false