This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 12%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
on Chrome, i noticed when going to a site, even when it is known to use https, the browser has an "i" icon to the left of the url briefly before fully loading the site. clicking the "i" icon shows that it is not secure. if i were to click on a twitter link, (where my account is already logged onto twitter so im already logged in) during that intial loading where the "i" icon is shown, is there a possibility my account info/password is leaked and isp can see it?
Clicking a Twitter link during that brief “i” phase is not a realistic way for your password to leak, and your ISP still shouldn’t be able to read your session details as long as the request is HTTPS (which it should be for Twitter/X).
You can always set it in Chrome to require secure connection
Settings >Privacy and security >Security > enable Always use secure connections
sorry for the confused wording but what i meant was clicking a twitter link and then the page would load starting with that "i" phase. and during that phase would leaks happen?
didn't mean clicking on a twitter link during the "i" phase
You mean the i with a circle, and quickly, brief flashes, and goes away?
If so, that brief “i / Not secure” at the start of loading a Twitter link is almost always just Chrome not having confirmed the HTTPS state yet. It is not, by itself, an indication that your Twitter login or password leaked or that your ISP could read it.
is that when Chrome needs to get a certificate that says it's secure and it assumes it's not secure if it hasn't got the certificate yet?
so then there's no concern of account details and data being leaked during that brief "i" not secure phase?
That brief moment is when Chrome was trying to get the certificate/or review the certifate. There' so issue here.
No. Nothing to worry about here.
When you visit a secure site using HTTPS, your data, including account information and passwords, is encrypted during transmission. This means that your Internet Service Provider (ISP) cannot see the content of your communications, including your account data or passwords, as long as the connection remains secure.
The "i" icon you see in Chrome indicates that there may be some issues with the site's security, such as mixed content (both secure and non-secure elements on the page). However, if you are already logged into a site like Twitter and the connection is secure (HTTPS), your credentials should not be exposed to your ISP during that initial loading phase.
It's important to ensure that you are always accessing sites through HTTPS, especially when entering sensitive information. If a site is not fully secure, it may pose a risk, but the encryption provided by HTTPS generally protects your data from being intercepted by your ISP or other malicious actors during transmission.
References:
