Hughesnet Community

Hughesnet email not secure

cancel
Showing results for 
Search instead for 
Did you mean: 
dfbeck
Junior

Hughesnet email not secure

I've been using Hughesnet email for years over several different computers and have never had a problem. Currently it's an HP Elite Compatible Tower i3 8gigs running Firefox 58.0.2 Hughesnet email has opened and run flawlessly until now which is exactly when I have to get an email sent. The program loads up to the silver rectangle with the blue Hughesnet letters at the top and 'Switch to standard html version' at the bottom. It will display email in html and not to be picky, I don't care for that. The info on the page says 'This connection is not secure'. I haven't changed anything either on the email program or Firefox. The page loads under the address: 'http://mail.hughes.net/zimbra/mail'.

Advice, other than 'use html', is appreciated.

 

I attempted to type the address in adding the an 's' behind 'http' on a different page. When I was asked for password, I couldn't remember it so I closed that page and opened the book marked page where the password is remembered. That page opened to Hughesnet mail and properly displayed my emails but only after I refreshed it once. I know this is a security issue with the 's' left out but I don't know where that can be altered, or why it was altered to begin with. That's it so far.

16 REPLIES 16
GabeU
Distinguished Professor IV

@Liz

@Amanda

 

I think this was brought up previously, but I can't find the post. 

 

Screenshot (102).jpg

Yes, that would be the problem. It was unsecure in the link from 'Our site has moved' with a redirect. For whatever reason, I didn't notice it until it was pointed out, most likely from your post so I'll give you credit. It did leave my computer open to a nasty browser hijacker that I described in my reply to Hughes. No problems now, other than the one's I've caused. Thanks.

Good morning dfbeck,


Thank you for sharing your findings! We'll let our web devs know.

 

 

If you have a tech or billing question and need help, please start a new thread in the appropriate board. Unsolicited Private Messages may not get replies.

Slow performance? Click me!

GabeU
Distinguished Professor IV


@dfbeckwrote:

Yes, that would be the problem. It was unsecure in the link from 'Our site has moved' with a redirect. For whatever reason, I didn't notice it until it was pointed out, most likely from your post so I'll give you credit. It did leave my computer open to a nasty browser hijacker that I described in my reply to Hughes. No problems now, other than the one's I've caused. Thanks.


Very interesting.  

 

With that said, the mail site still does show as not being secure.  I hope they're still looking at that.  

Hi GabeU,

I hadn't noticed that the site was still insecure but if I can't open mail on a secure site I won't open it at all. I don't know if it's related but currently I'm dealing with the issue of someone who decided to share my name and credit information with me to purchase computer parts from Newegg. They also purchased PlayStation games in New Zealand. Chase Financial informed me that they have (had) my credit card number, social security number, dob, age and address which could have been acquired through an unsecured page in a very round about way and may up for sale on the deep web. They may have stolen the info from some place other than than email but I'd just be careful with your information.

Dave

GabeU
Distinguished Professor IV

@dfbeck

 

That's exactly the type of thing that concerns me.  I don't use HughesNet's email for anything other than the notifications from this Community, but a lot of people do use it for their primary email, and if it's not secure what you describe is entirely possible for any one of them, including what you've experienced.  I hope that's not the case, but unfortunately, once they have your info they have it.  

 

And it seems that the entire MyAccount site is not secure, which just adds to it.  😞    

Actually, when I opened MyAccount, the address bar indicates that the connection to that point is secure. I then go to Profile which also appears secure since it has a sheild as the first symbol in the address bar. From there I have the ability to manage my email accounts which I wanted to do, change passwords, delete account, etc but when asking for a password, I get the 'This connection is not secure..' I can't change the options on my email accounts without the risk of having visitors who don't respect me as much as I do. Kinda sucks since one of my accounts I've never accessed before. I could have won the Publishers Clearing House contest but since I can't respond to Mr. McMahon, there's no private island in my future. 
Dave

GabeU
Distinguished Professor IV

@dfbeck

 

That's interesting.  I'm seeing the opposite.  

 

MyAccount page (signed in)...

HN2.jpg

 

Profile page (signed in)...

HN4.jpg

 

What's more interesting is that the page where you enter your credentials when signing in, the next page after you click the blue "Sign In" button, and then the next page after that are all secure, but when it gets to the fourth and final page in the process, which is the actual MyAccount page (the first picture above), now signed it, it is no longer secure for me.  It's very odd.

 

HN5.jpg

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

HN6.jpg

------------------------------------------------------------------------------------------------------------------------------------

 

HN7.jpg

That is odd. I just checked again and the first page, the one in which you choose your destination, is secure on mine are the next pages as long as I launch them from the secure link but I still can't manage my email accounts. without risk.Hughesnet logon not secure.PNGInfo street Hughesnet page.PNG It makes me wonder if there are different paths to reach the same site? I really would like to use my unused email account. 

maratsade
Distinguished Professor IV

Your link for My Account is not showing as secure. The secure ones all have https in front of the URL. The link for My Account does not have that.

Well, I'll be darned, you are correct! For some reason I looked at the sheild and assumed that it indicated a secure connection. I just realized that I've never floated a curser over it before. That's just great! That also means that I'm leaving the useage page open and it's not secure. Thanks for pointing that out. I hope there is a fix for that either on my end or Hughes' end. I can do without another hijacked browser.
GabeU, if you see this, I was in error on what was secure and what wasn't but what really matters is what is not secure.

maratsade
Distinguished Professor IV

I have been able to turn some of those pages into secure pages simply by adding https:// in front of the url. 

 

They are working on this stuff -- one of the mods posted something recently about it.

GabeU
Distinguished Professor IV

@dfbeck

 

I might have thought the same thing with that shield being like that.  They definitely need to address it, even if it doesn't have things like credit card info on the non secure pages, that's for sure.  And really, any site that you have to sign into that is tied to a service you pay for should be secure on every page.  

 

@maratsade

 

That definitely works, but the problem, of course, is that only a few of us know to do that.  😞  

 

Capture.JPG 

 

Oh, and now I see that if you click on any link, it goes right back to not being secure, so you'd have to put the s in every subsequent link that you click on.  SMH.  

 

Clicking on Billing from within the secure site shown above takes me to this....

 

Capture.JPG 

 

They really need to fix this.  And I know they are looking at it, so that's good.  🙂    

maratsade
Distinguished Professor IV

They'll fix it. These things take time, though.  In the meantime, adding https:// at the beginning of the URL seems to help.

Liz
Moderator
Moderator

Good morning dfbeck,

 

Thanks for posting. Yes, we inquired about this internally. There's an update scheduled for next month to address HTTPS everywhere in the Support Center. We're checking and having our devs confirm whether this includes the webmail portion. We'll post back once we find out.

 

  Your patience and understanding are much appreciated.

 

 

If you have a tech or billing question and need help, please start a new thread in the appropriate board. Unsolicited Private Messages may not get replies.

Slow performance? Click me!

I meant to post this sooner but time got away. I found the problem. I used Google to search for the Hughesnet site for email. I was given several options one of which was 'User login'. Choosing that site brings up the message, 'Our site has moved' with a redirect to, "Http://my.hughesnet.com' which is not a secure site but I didn't notice until too late. This was the link I had bookmarked and when used to open my email accout, it would only allow html but that wasn't the worst of it. I used that bookmark to open email one day and immediately received a siren sound then a voice over informing me some unsavory characters had hijacked my computer and it would be destroyed if I shut it down. The only fix offered was to call the listed 800 where a Windows technician (not Microsoft) would 'fix' my computer. I had this happen once before so I knew what to do. I copied their phone number, pulled the plug to shut it down, and then ran my spyware. As soon as I knew the computer was clean, I called their number, asked for help, acted like I knew nothing about computers until the 'tech' finally caught on that I was scaming him at which time I told him that if nothing else, I kept him from ripping off someone else for an hour and 15 minutes. You might want to eliminate this link;  http://messages.hughesnet.com/CustomerCare/
I didn't notice missing the 's'I didn't notice missing the 's'
Once I entered the secure address I had no further problems. Thanks.