SSL Certificate

Why SSL is crucial for your website

You’ve definitely seen it: a small lock icon next to the web address of your favorite website. Like this:

An SSL enabled website shown in three different web browser address bars
SSL is enabled on wordpress.org, as seen in the address bar

That lock icon symbolizes something important: an SSL Certificate.

What the heck is SSL?

SSL (Secure Socket Layer) is a secure connection. An SSL certificate encrypts all the data that passes between your visitors’ web browser and your website’s server where your website lives. This secures your website and makes it much harder for malicious parties to read the information coming to and from your site.

Websites using SSL can easily be identified by their web address:

https://wordpress.org

Note the “s” in the address – it stands for Secure and signals an SSL certificate is used.

Why do I need SSL?

Trust, Ranking, Security

An SSL certificate is key for providing a visual “ok” signal to visitors. That lock icon basically tells visitors to your site:
“This website is secure, and you can trust it.”

SSL is required for any website selling a product or containing forms such as a contact form or email signup. But over the years, Google also started using SSL as a ranking factor, meaning they get ranked higher. For this reason, around 2017 it became important for ALL websites to use SSL, no matter what.

But even in 2020, three years after SSL became a ranking factor with Google, many websites still don’t have SSL enabled or properly configured.

This is what it looks like if there is no SSL present:

A Not Secure message shows in the web address bar on an insecure site
An example of a website without an SSL certificate shows various Not Secure messages.

Making the Switch

Contact your trusted web developer or your web hosting company. Ask if there is a yearly fee and how you can properly set up SSL on your site.

After switching to SSL, your web address will change.

no SSL: http://www.myawesomewebsite.com
with SSL: https://www.myawesomesite.com

Update all listings of your website

Update your website listings — social media accounts, Google business page, email signature — to match this new address starting with https. This helps Google find your site at the new https address faster.

Watch for mixed content and Not Secure warnings

“Mixed content” happens when parts of your website such as images still originate form their old http address instead of https. This causes a warning of Not Secure to show up in the address bar, even though you have SSL!

If you see a Not Secure warning, you can identify the culprit by using the built in browser inspector tools in Firefox or Chrome. However, it’s usually best at this point to contact a web professional such as yours truly to root out and fix the issue. It often only takes a few minutes.

Keep SSL active and watch for renewals

Sometimes SSL certificates need to get renewed each year, especially if it’s a paid service. Mark your calendar for when it will renew and make sure you have an active card on file at your web host company. Your website can go down temporarily if it can’t find the certificate.

That’s it!

Once you have SSL, visitors will have increase trust and confidence in your website, and so will search engines like Google.

A depiction of a login form for a website

Password Management: We’re doing it wrong

Raise a hand for each of the following that you’ve done:

  1. Kept track of passwords on scrap paper or notebook
  2. Kept track of passwords in a spreadsheet
  3. Forgot to update your notebook or spreadsheet when a password changed
  4. Used the same password, or variation of the same password, for multiple logins
  5. Used a weak password, like real words with some numbers in it. h0wAb0utTh1s! (yes, this is a weak password!)

Did you run out of hands to raise?

You are not alone! Many of us, myself included, have done all of the above.

Most people are bad are managing passwords because we’re not computers. Or at least, not computers in the way that allow us to randomly generate and remember long strings of random characters!

And here’s a fun fact

Enter Password Management Tools

We all know that passwords are a giant hassle. They can be impossible to remember and difficult to organize. And because it’s so difficult, we often end up using weak passwords that are easy to hack. We’re doing it wrong.

Thankfully, many years ago I discovered free password managers like LastPass*, and I went frolicking through the hills like Julie Andrews in The Sound of Music.

Actress Julie Andrews with arms outstretched in the film The Sound of Music with the caption Me discovering password management
Me (a name, I call myself)… upon discovering the existence of password managers like LastPass circa 2012-ish

Ok, How does it work?

LastPass, 1Password, and other password managers remember your passwords in an online vault. I’m most familiar with LastPass, so here’s how it works:

As you go about your day and log in to your favorite websites, LastPass remembers each password for you and collects them into an online vault which you can access by clicking a button. When you need to make a new login on a website, LastPass can automatically generate a strong password for you and then store it, so you never have to record it yourself. It can also remember information like addresses and even credit cards (only if you choose) to save you time when making online orders.

All you have to do is remember your one master password to access your vault. That’s it. One password to rule them all!

Oh, and it also makes it super easy to securely share your password with others. And…it works on all devices. And it’s free. Pretty awesome, right?!

A screenshot of the password vault by LastPass
The Vault! Screenshot by LastPass

Is it Secure?

I’ve told countless people about password managers because it’s made my online life easier, and I’m often asked if the service is secure. “What if the password management service is hacked?” you ask. It’s an important concern.

A password management company has a huge investment into security, because their entire business model relies on it. Which is more secure: their system, or my “system” of using weak passwords? Probably their system. Ok, definitely their system. To read more of a technical explanation of how LastPass stores your passwords securely, check out this page: How It Works.

For me, the daily benefits and time-saving sanity of LastPass — which I’ve used for upwards of 7 years — vastly outweighs the possibility of my vault being comprised (in which case I could still control access by resetting my master password).

What about letting Chrome/Safari/Firefox remember all my passwords?

There’s nothing wrong with using this method, except that it can encourage the weak password habits we talked about above.

If you need help generating strong passwords, check out this generator you can use for free: https://www.lastpass.com/password-generator

(I’ve also found that most people don’t know how to view their saved passwords – Here’s how to sync and retrieve your passwords in Google Chrome.)

“81% of hacking-related breaches leveraged either stolen and/or weak passwords.”

– Verizon Data Breach Investigations Report, 2017

Follow these Two Rules for Password Success

It doesn’t matter what tool or method you use to manage your passwords, as long as you follow these two rules:

  1. Use a unique password for every. single. login.
    Let me repeat that.
    Use a 100% unique password (not a variation) for every single website.
  2. Use a strong password – that means random letters and numbers, or a random string of words, of 12-16 characters.
    Example: 9Bm!Te@MEti5

If you can do that with a notebook or a web browser, more power to you. For the rest of us humans, there are password managers.

PS – If you liked this, check out my post on Online Tools to Save Time and Stay Organized which I recently updated.


*This post uses an affiliate link to LastPass, but I am not paid. I think I get a free trial of their premium service? Let’s find out, sign up already! 😀

Online Tools to save Time and stay organized

Here are a few tools that have saved me time, effort, and in many cases, sanity.

LastPass (Password Management)

If there’s one tool everyone with an internet connection should have, it’s a password management system. And no, I’m not talking about the notebook where you scrawl down your latest account login or even the massive spreadsheet you’ve been keeping since 1999. A password management tool like LastPass not only saves passwords for you – it can auto-fill them and even auto-fill forms so you never have to write out email address again. LastPass has been saving me oodles of time for over 6 years, and it’s free.

Ublock (Ad Block)

This does just what it says – blocks ads on webpages. Mosto f the time ad block is smart enough to block the bumper ads on YouTube. Want to support a certain site by viewing their ads? Disable ad block on that particular page.

OneTab (Browser Tab Management)

If you spend much of your day on a computer, chances are you have a bit of browser tab buildup. That’s right, I’m talking about the 87 tabs currently open in your browser (oh, maybe that’s just me!). Don’t lose your tabs ever again and keep them organized into groups, or tuck them away to clear the clutter. This little browser extension has made a big difference in my workflow!

JumpCut (Copy/Paste helper, Mac Only)

JumpCut allows you to see the last several items that you copied to your “clipboard” (the magical space where things go when you copy a piece of a text and get ready to paste it). This is super useful when you need to copy/paste lots of stuff all the time like me! This way you can copy several pieces of text in a row, and retrieve them in JumpCut.

Bear (Notes)

Everyone has their favorite note-taking app, and Bear is mine. Bear lets you write in markdown which makes it easy to write for your website and paste it in without losing formatting. It also syncs with all devices if you use the paid version (~$15/yr). I mainly like the way everything is tagged and organized, and it looks super clean. SimpleNote came close but I love Bear!

I’m always looking for little web helpers, and I’ll be sure to share them here. I hope these tools are useful for your online workflow!

Last updated: October 2019