Following a growing number of high profile hacking incidents, the decision has been made to force SalaryBot to work over HTTPS (commonly recognised by the green padlock displayed on your web browser). At the time of writing, SalaryBot is the only secure salary calculator on the web.
Whilst SalaryBot doesn’t handle credit card details, it does deal with sensitive information – your salary. You may think that this is harmless, as no identifying information is attached to the salary (e.g. name, email address, etc) – but browsing the web over regular HTTP is open to eavesdroppers.
In a highly targeted attack, a user could potentially be tracked through means like their IP address and browser footprint, which means their salary could be found out. Forcing HTTPS prevents this from being possible.
HTTP is insecure and is subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information. HTTPS is designed to withstand such attacks and is considered secure against such attacks.
Next time you use a salary calculator with your own personal salary, be sure to use a secure salary calculator. Remember: Friends don’t let friends use insecure salary calculators!