Skip to content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Online security

Get answers and information about our security products.

Logging into the router

Gliwmaeden2
Community Star
Private Message TalkTalk

on ‎24-04-2025 10:35 PM

Message 9 of 9

When checking which version of Hub2 firmware I currently have, the address for logging into the router has a black triangle flag:

 

20250424_215938.jpg

The message indicates it is less risky at home, but the general implication is that it's not secure. I am trying to use it at home.

 

This didn't happen when I checked the firmware version a few weeks ago.

 

What's going on with it?

Gliwmaeden2, a fellow customer.
Labels:
0 Likes
8 REPLIES 8

Billx
Insightful One
Private Message TalkTalk

‎04-05-2025 12:28 PM - edited ‎04-05-2025 12:36 PM

Message 1 of 9

Bit late to the party. But excellent topic and discussion, @Gliwmaeden2 

I agree with you, that it doesn't make a lot of sense.

 

By definition, 192.168.1.1 is a device within a private network, not within a public network.

By definition, messages between http:// 192.168.1.1/ are unsecure in the sense that they are unencrypted.

But they are secure in the sense that the owner of the private network trusts all devices and users within the private network.

One would think that Google Chrome would know that and not be so alarming, especially the fact that this is a private network.

I think other programs, including Windows, get confused, whether a private network, is or is not, private.

 

I think that what happens, is that when a user logs into the router for the first time, after Chrome gives that warning (meaning that messages are  unencrypted), Chrome saves that fact somewhere in cache (whatever and wherever that is) that you have given permission, and won't bother you again. It will only bother you again, if somehow that record in the cache is lost.

 

Anyhow, this is my view.

 

Bill

 

Gliwmaeden2
Community Star
Private Message TalkTalk
In response to KeithFrench

on ‎27-04-2025 04:45 PM

Message 2 of 9

Thanks, that's a little clearer now! 😊

Gliwmaeden2, a fellow customer.
0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎27-04-2025 03:46 PM

Message 3 of 9

TalkTalk have never implemented HTTPS in their routers for this purpose, probably because of cost. Everything else you ask is down to your browser.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

Gliwmaeden2
Community Star
Private Message TalkTalk
In response to KeithFrench

on ‎27-04-2025 03:36 PM

Message 4 of 9

The point is it doesn't give me the override message, only the option, exactly as in the original image I posted, to "continue to site".

 

What has not been answered:

 

Why would I get this message as a one off? It usually doesn't show.

 

If it actually mattered it would show every time. 

 

I was already informed that it's http rather than https in the image I posted where it recommends contacting the site owner to upgrade it. So that is not the mystery. 

 

I am only ever trying to log in at home.  It's an alarming message if it shows, when nothing has been altered at my end.

 

So the only question that needs answering is why did the message in the image I posted show up at all, ever? 

 

And perhaps Talktalk could explain why they don't use https?

Gliwmaeden2, a fellow customer.
0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎27-04-2025 03:16 PM

Message 5 of 9

Hi @Gliwmaeden2 

 

@Divsec is 100% correct on this. HTTP is not encrypted, whereas HTTPS is. Logging into a TalkTalk router can only be done from the local network; connection attempts coming into the router via its WAN interface are blocked. Unless someone is connected to your network and is using Wireshark with specialist hardware, your connection to the router is classed as secure enough. Your browser should give you an override along the lines of "I trust this connection, please allow it".

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

Gliwmaeden2
Community Star
Private Message TalkTalk

on ‎27-04-2025 02:50 PM

Message 6 of 9

@KeithFrench, have you got any thoughts on this, as I don't think the previous reply got to the bottom of things?

 

When I log in now, as expected, the warning triangle is still there, but not the warning message that I posted in my first post.

 

So it's back to normal. 

 

Why would I usually not see that warning message, and then suddenly see it flagging up the issue, then back to normal despite still being triangled in the browser address?

 

 

Gliwmaeden2, a fellow customer.
0 Likes

Gliwmaeden2
Community Star
Private Message TalkTalk
In response to Divsec

on ‎25-04-2025 08:35 AM

Message 7 of 9

Yes - it's probably Chrome flagging it up for that reason and normally it could matter in connection with other websites, as a warning. 

 

But nobody's going to be logging into that address unless they are already at home, so the alert is superfluous. 

 

Though it does still beg the question, why doesn't Talktalk use https for this, and why didn't the alert show last time?

 

A few weeks ago I got into the router log in with none of these alerts, using the same browser, same devices. 

Gliwmaeden2, a fellow customer.
0 Likes

Divsec
Community Star
Private Message TalkTalk

on ‎25-04-2025 08:00 AM

Message 8 of 9

Hi @Gliwmaeden2 that's because it is an http rather than HTTPS connection and nothing to worry about

 

I don't work here and all my opinions are my own.
© TalkTalk 2025