Most web users will be aware that if you enter you are asked to enter your credit card details or personal information online, you should always check for a padlock sign in the address bar. This indicates that the information you are entering is encrypted before being sent and is therefore less likely to end up in the wrong hands.

You’ll notice that the address of any web page with a padlock icon will start with https:// instead of http:// – for example https://www.candlelearning.com. In order to use https:// in your address you need to have what’s called an “SSL Certificate”.

Web browsers Google Chrome and Firefox have recently set out on a mission to make the web more secure. Any web pages that ask for sensitive information, but don’t have https:// in their address will be marked as insecure (see: Moving towards a more secure web). Crucially for e-learning platforms, this includes any web pages that ask for a password (such as your login area).

If your LMS (Moodle / Totara etc.) is not set up to use https:// in its web address, visitors using Google Chrome or Firefox web browsers will see a crossed out padlock and a notification like this when they try to log in:

Upon seeing this, some users will question the credibility of your platform and it may be enough to put them off using your resources altogether. It is therefore worth taking steps to ensure your platform can use https:// as soon as possible.

Thankfully there are some quick (and free) solutions available.

CloudFlare is a service that we often recommend for clients. It is acts as a firewall for your website / e-learning platform and improves its security and performance. The Free plan also comes with a Shared SSL Certificate, which allows you to use https:// in your website address.

Let’s Encrypt is another free service that provides SSL certificates. It’s a little more complex to implement than CloudFlare, because it requires access to the webserver – but is becoming quite popular on the web.

Both CloudFlare and Let’s Encrypt are available with many web hosting providers (such as DreamHost) and can often be enabled from your dashboard with a few clicks.

If your web hosting has CPanel, look out for this section to enable it:

If you would like any help in ensuring that your platforms such as Moodle, Totara LMS and WordPress handle passwords securely, feel free to get in touch.

 

Want to hear more?

Sign up to receive to our regular updates.


By: Andy Jack

August 30, 2019

We’re proud to be hosting a talk on ‘Taking your expertise online’ as part of the first Halifax Digital Festival in September. Designed for training […]

Read this post »

By: Carlos Nisbet

September 11, 2017

For the first time, eLearning Network members will be putting on a free social meetup in Leeds! Whether you’re an Instructional Design superstar, an LMS wizard or an […]

Read this post »

By: Carlos Nisbet

May 10, 2019

We’re big fans of marketing guru Seth Godin at Candle Digital, and in particular his best selling book Purple Cow. In fact, it’s such a […]

Read this post »