Survey shows people still need help.
Google Registry, the Alphabet division responsible for new top level domain names such as .dev and .app, has launched a website at Safe.page that helps people learn about phishing and secure websites. The company released survey results today showing that people still need security help.
The survey of over 2,000 adults shows:
- 42% didn’t realize the difference between http and https in a web address
- 69% didn’t realize that https could be used in a phishing attack
- 64% used the same password on multiple websites
One interesting non-security datapoint in the survey is about Gen Z. 34% of those surveyed between 16-24 who have already created a website did it for a class project. This is an interesting opportunity for domain registries and registrars.
Safe.page includes a quiz for people to review URLs in emails to check which ones are safe and which aren’t. I admit to overlooking a double-s typo in one of the quiz questions. That puts me in the 97% of people who missed at least one question on the quiz.
Google suggests people double-check domains before entering sensitive information. I hope its search team that designs the search results pages follows the same guidelines, especially on mobile pages.
Google promotes three of its domains that require SSL on the site: .page, .app and .dev.
Listen to a podcast about the security of these namespaces in DNW Podcast episode #221.
It’s a bit ironic that this comes from Google. They were the ones who did everything possible in making the users less focused on the actual domain name by motivating them to just type anything in the address bar of the browser. Just because Google is always there for them.
I feel like there’s a disconnect between their security/registry/email people and their SERPs UI people.
It’s all business, Andrew. They want all the possible direct domain-related traffic to pass via them. Monopolizing the entire search market, increased ad revenue, dumbed-down user base and impressive profits. This is just like “charity” for big businesses. Give “something” back, after you took everything from them. Simply warn the users that the internet is not that safe, so they can give you the “I told you so” afterwards. It’s all about creating a safety net for them and a good image about the company, that they are there for you!
People are misisng the point.
What you type in is not where you are!
Sure, you can type anything, but that does a search. Where you navigate to after that is when it’s important to check the URL properly.
I gave up after 2nd question. They are promoting
https://www.baosandbunscafe.com in AD but using [email protected] for email.
2 separate domains like this doesn’t instill a sense of safe and secure to me.
Great catch! They didn’t register BoasAndBuns.com. I suspect they made the URLs longer so it would be easier to slip in typos, but it does call into question their entire point of the quiz.
I do have a great suggestion for Google. Please change your URL from “google.com” towards “google.page”
It will make your search-engine soooo much safer.