Half of Websites Still Using Legacy Crypto Keys

The internet is becoming more secure overall, but slightly more than half of websites' digital keys are still generated via legacy encryption algorithms, according to new research.

Security firm Venafi enlisted the help of noted researcher Scott Helme to analyze the world’s top one million sites over the past 18 months.

The resulting TLS Crawler Report revealed some progress in a few areas.

Nearly three-quarters (72%) of sites now actively redirect traffic to use HTTPS, an increase of 15% since March 2020. Even better, more than half of the sites studied that use HTTPS are on the latest version of TLS: TLSv1.3. It has now overtaken TLSv1.2 to become the most popular protocol version.

In addition, almost one in five of the top one million sites now use the more secure HSTS (HTTP Strict Transport Security) — a 44% increase since March 2020.

Better still, the number of top one million sites using EV certificates is at its lowest point in the last six years of analysis. These certificates are noted for slow, manual approval processes that create too much friction for end users.

Conversely, the much more user-friendly Let’s Encrypt is now the

