Most web users will be aware that if you enter you are asked to enter your credit card details or personal information online, you should always check for a padlock sign in the address bar. This indicates that the information you are entering is encrypted before being sent and is therefore less likely to end up in the wrong hands.

You’ll notice that the address of any web page with a padlock icon will start with https:// instead of http:// – for example https://www.candlelearning.com. In order to use https:// in your address you need to have what’s called an “SSL Certificate”.

Web browsers Google Chrome and Firefox have recently set out on a mission to make the web more secure. Any web pages that ask for sensitive information, but don’t have https:// in their address will be marked as insecure (see: Moving towards a more secure web). Crucially for e-learning platforms, this includes any web pages that ask for a password (such as your login area).

If your LMS (Moodle / Totara etc.) is not set up to use https:// in its web address, visitors using Google Chrome or Firefox web browsers will see a crossed out padlock and a notification like this when they try to log in:

Upon seeing this, some users will question the credibility of your platform and it may be enough to put them off using your resources altogether. It is therefore worth taking steps to ensure your platform can use https:// as soon as possible.

Thankfully there are some quick (and free) solutions available.

CloudFlare is a service that we often recommend for clients. It is acts as a firewall for your website / e-learning platform and improves its security and performance. The Free plan also comes with a Shared SSL Certificate, which allows you to use https:// in your website address.

Let’s Encrypt is another free service that provides SSL certificates. It’s a little more complex to implement than CloudFlare, because it requires access to the webserver – but is becoming quite popular on the web.

Both CloudFlare and Let’s Encrypt are available with many web hosting providers (such as DreamHost) and can often be enabled from your dashboard with a few clicks.

If your web hosting has CPanel, look out for this section to enable it:

If you would like any help in ensuring that your platforms such as Moodle, Totara LMS and WordPress handle passwords securely, feel free to get in touch.

 

Want to hear more?

Sign up to receive to our regular updates.

By: Andy Jack

July 15, 2020

We recently stumbled across this fascinating photo of Ohio State University. It shows the paths used by students before permanent versions were put in place. […]

Read this post »

By: Andy Jack

September 27, 2018

Recently we’ve been working with a partner to help them plan the marketing strategy for their new suite of online courses. They’ve got a great […]

Read this post »

By: Andy Jack

May 28, 2020

The world seems a very different place to what it was only a few weeks ago. Since the outbreak of COVID-19, we’ve been inundated with […]

Read this post »