Some companies take security best practices seriously, others not so much

Saturday, 22 March 2014

I was trying to register for an online account with Sainsbury's Energy last night so I navigated to https://www.sainsburysenergy.co.uk.

So to sum up, I'm trying to navigate to www.sainsburysenergy.co.uk and the certificate is for www.sainsburysenergy.com.

Note that https is only mandatory for Log In and Register Now only but I'm too lazy to take screenshots again. :)

This is www.sainsburysenergy.com, as I said above, it will only go on https for Log In and Register Now

Somebody should set up a proper redirect or get another certificate.

Musings on Information Technology - A view from the trenches