Hi Gabe -
Disclaimer I am not an expert on this topic nor is this any official answer: I assume that this means the login process and redirects during the login process are all secure. So in order to get to your actual account information you'd have to pass through a secure login area. If I am seeing everything correctly, credit card or banking information inputs are on secure popups too. To me the message about not putting in your info to the site because it can be seen doesn't apply, since the places you input your payment info into is not entered or stored on the "unsecure" page.
I think there is some differentiating between Info/Not Secure vs Not Secure/Dangerous. Ref: https://support.google.com/chrome/answer/95617?visit_id=1-636574194222761387-1264375423&p=ui_securit...
We're still waiting but just wanted to throw in my 2 kopeks
Yes, the popups for credit card info are definitely secure. I was only showing that the main page wasn't secure, though the sign on info is.
With that said, I was just a litlte concerned about the Account Information and Profile page, which also includes personal info (though not as important as credit card info or anything like that), but isn't secure. There's also no indication of whether the popups for changing personal info, like email, phone number or address, is secure.
That's this Community, and this Community is definitely secure. It's the MyAccount site that is the problem. At least some of the popups on the site, like when you go to add a payment type (and I assume change it) are secure, but the pages themselves aren't.
What Amanda mentioned about having to go through the sign in process and such may very well be true, but we'll know once the engineers pore over it. With this said, after signing in to this Community, I can right click on MyAccount at the top of the page and choose to open it in a new page, and if I've already signed into the site previously it goes straight to the MyAccount site without having to go through the sign on process again, so I don't know if that means it's still secure, if it ever was in the first place.
It's a riddle, wrapped in a mystery, inside an enigma.
So just a quick add on to my previous post... I don't have an official answer for you but I can say that what is coming will be positive. Hang in there!
Finally got my hands on something today!
The entire email path (i.e. the whole enchilada) is going to have HTTPS implemented. If the date is still on, the myAccount website itself is also getting uniform HTTPS, except earlier, on 4/22/18. I'll check in with the team on the 22nd to see if it was completed. The date for webmail HTTPS is TBD.