Undetectable Humanizer: Lifetime Subscription
Transform AI-Generated Text into Human-Like, High-Ranking Content & Bypass Even the Most Sophisticated AI Detectors
Get 95% Deal

How to restore the green lock icon in Firefox's address bar

Martin Brinkmann
Oct 28, 2019
Updated • Oct 28, 2019
Firefox
|
41

Mozilla's Firefox web browser used to display a green padlock icon in the browser's address bar when secure sites were opened in the browser. Additionally, the browser would display extended information for sites with EV (Extended Validation) certificates.

Mozilla launched a change recently in Firefox that changed the green padlock icon to a gray icon and removed the EV certificate information from the browser's address bar entirely.

The organization revealed plans in August 2019 to change the information that Firefox displays in the address bar in regards to sites using HTTPS and implemented the change in Firefox 70.0 released recently.

Firefox users who open a secure site in the browser see a gray padlock icon in the address bar in Firefox 70 and newer versions of the browser. Sites with EV certificates are not highlighted in any way anymore as well.

firefox green gray icon

The main idea behind the changes -- Mozilla is not the only browser developer that made it -- is that the majority of Internet sites are using HTTPS on today's Internet and that the number will increase even more in the coming years. HTTPS is the new default and the reasoning is that sites that don't support it should be highlighted instead of sites that support it.

One of the issues with the approach is that generations of Internet users have been trained to look for these locks in the address bar to verify that the connection is secure. While that is still possible as the gray padlock icon indicates a secure connection, some may prefer to get the green icon restored instead as it provides a better visual indicator.

Making Firefox`s padlock icon green again

firefox green padlock

Firefox comes with built-in configuration options to restore the green padlock icon. Here is what you need to do:

  1. Load about:config in the Firefox address bar.
  2. Confirm that you will be careful if a warning screen is displayed.
  3. Use the search at the top to find security.secure_connection_icon_color_gray.
  4. Toggle the preference so that its value is FALSE.

The change is applied immediately, a browser restart is not required. You should notice that all sites that use secure connections are displayed with a green padlock icon again in the Firefox address bar. To restore the gray icon, set the value of the preference to TRUE instead.

Restoring Extended Validation Certificate information in Firefox

ev certificate firefox show

Firefox users may enable the display of EV certificate information in Firefox's address bar as well; this is also done using the method described above:

  1. Visit the about:config page again.
  2. Search for security.identityblock.show_extended_validation this time.
  3. Set the preference to TRUE to enable the display of extended validation information in the browser's address bar.

The change is applied immediately. If you don't see it right away try to refresh the site in question. You may set the value of the preference to FALSE to restore the default.

Display not secure for sites that don't use HTTPS

firefox not secure

Firefox displays a crossed-out padlock icon in the address bar by default when a site that does not use HTTPS (or uses it incorrectly) is visited. You may add the "not secure" text to the address bar to further highlight the status of the connection.

  1. Visit about:config in the Firefox address bar.
  2. Search for security.insecure_connection_text.enabled.
  3. Set the value of the preference to TRUE to enable "not secure" or FALSE to disable it.
  4. Bonus: If you want to apply the change to private browsing connections as well, search for security.insecure_connection_text.pbmode.enabled and set the value accordingly.

Now You: do you check the status of the connection in your browser of choice? (via Ask VG)

Summary
How to restore the green lock icon in Firefox's address bar
Article Name
How to restore the green lock icon in Firefox's address bar
Description
Find out how to restore the green padlock icon and Extended Validation certificate information in the Firefox address bar.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. sheikh said on May 7, 2020 at 8:22 pm
    Reply

    the EV pref(security.identityblock.show_extended_validation) is gone in latest firefox. Please help

  2. Theo Chino said on November 6, 2019 at 5:30 pm
    Reply

    Opened this bug on Mozilla. I don’t know who is the Mozilla genius who came up with the idea but it show that they need to get more air and talk to more seniors.

    https://bugzilla.mozilla.org/show_bug.cgi?id=1594469

  3. Anonymous said on November 4, 2019 at 3:48 pm
    Reply

    Thanks

  4. Ray said on October 29, 2019 at 7:30 pm
    Reply

    Nice tips, Martin. I missed the green padlock :)

  5. Ron said on October 28, 2019 at 10:11 pm
    Reply

    Dumb decisions like this makes me glad I switch to Pale Moon long ago.

  6. Anonymous said on October 28, 2019 at 6:33 pm
    Reply

    userchrome mods still work — e.g.

    /*
    * Change identity box colour for HTTPS connections
    * e.g. #FFFF00 (yellow), #FFFFA8 (pale yellow), #BCFCBC (pale green), #FF6347 (tomato red),
    * #FF6666 (red), #D9D9D9 (light grey), #33CCFF (light blue), #E46C0A (orange), #E5E3DE (themed)
    */
    #identity-box {
    background-color: #FFFFA8 !important;
    color: black !important;
    }

    #identity-box.verifiedDomain {
    background-color: #BCFCBC !important;
    color: black !important;
    }

    #identity-box.weakCipher {
    background-color: #E46C0A !important;
    color: black !important;
    }

    #identity-box.verifiedIdentity {
    background-color: #33CCFF !important;
    color: white !important;
    }

    #identity-box.mixedDisplayContent {
    background-color: #FF6347 !important;
    color: black !important;
    }

    #identity-box.mixedDisplayContentLoadedActiveBlocked {
    background-color: #FFFF00 !important;
    color: black !important;
    }

    #identity-box.mixedActiveBlocked {
    background-color: #FFFF00 !important;
    color: black !important;
    }

    #identity-box.mixedActiveContent {
    background-color: #E46C0A !important;
    color: black !important;
    }

    #identity-box.insecureLoginForms {
    background-color: #FF6666 !important;
    color: black !important;
    }

    1. Tom Hawack said on October 29, 2019 at 4:10 pm
      Reply

      Nice. Personally I don’t use the identity box (totally hidden) and for the color eye-catch I change the urlbar’s background color.

      Be noted that for Extended Validation to be checked two conditions are required:
      1) security.OCSP.enabled MUST BE 1=enabled (default) OR 2=enabled for EV (Extended Validation) certificates only
      2) security.identityblock.show_extended_validation MUST BE true (false on FF70)

      from there on I include in mu userChrome.css :

      /* start */
      #urlbar {position: relative; z-index: 1;}
      #identity-box:after {
      content: ”; position: absolute; height: 100%; width: 100%; top: 0; left: 0;
      pointer-events: none; z-index: -1; background: linear-gradient(#DDDDFF,#EEEEFF,#DDDDFF); opacity: 1;
      }
      #urlbar[pageproxystate=’valid’] #identity-box.verifiedDomain:after{background:#FFFFA0;}
      #urlbar[pageproxystate=’valid’] #identity-box.verifiedIdentity:after{background: linear-gradient(#3399FF, 1px, #FFFFA0, 25px, #3399FF);}
      /* end */

      My default urlbar background color : linear-gradient(#DDDDFF,#EEEEFF,#DDDDFF)
      My urlbar background color for https : #FFFFA0
      My urlbar background color for https with EV (if applicable) : linear-gradient(#3399FF, 1px, #FFFFA0, 25px, #3399FF)
      // If EV not applicable urlbar background color considers verifiedDomain (#FFFFA0)

      That catches the eye, immediately. No need for lock icon.

  7. Matt said on October 28, 2019 at 6:11 pm
    Reply

    Thanks so much!

  8. Paulus said on October 28, 2019 at 4:30 pm
    Reply

    Nice one Martin, Really nice loving this.
    I still do not understand why they changed the more obvious for this Les informative way?
    When 96% is using HTTPS sites than maybe I could understand it, but now!

  9. Paul(us) said on October 28, 2019 at 4:29 pm
    Reply

    Nice one Martin, Really nice loving this.
    I still do not understand why they changed the more obvious for this Les informative way?
    When 96% is using HTTPS sites than maybe I could understand it, but now!

  10. qainsights said on October 28, 2019 at 3:45 pm
    Reply

    Personally, I like the green color which gives you piece of mind while browsing.

  11. Dilly Dilly said on October 28, 2019 at 3:28 pm
    Reply

    Chrome and Firefox goals; dumb everything down, remove important choices, utilize Dark Patterns to confuse users, enhance data collection aspects and heard users into profitable data collection outcomes. DoH is a scam. The lock will be deprecated in time.

    Around the mid aughts browsers competed on features and performance. If this is the state of browsers today imagine what it will be like a few years from now.

  12. Some Guy said on October 28, 2019 at 2:32 pm
    Reply

    I think I’m going to cry.

    Mozilla finally fucked me, hard completely and without warning.

    I got the latest version update and after the install it gave me THAT prompt. The new profile one.
    I hesitated for a minute reading and trying to understand what it means. It doesn’t warn you that you should back up and it says it’s for data protection so ultimately I clicked the new profile button.

    The last 5 years of my history browsing vanished in that instant with no possibility of recovery!

    I used firefox as my main browser since the netscape days, and I know all the shit they made till this day. But today was my final straw. You can’t just do this to people, you can’t just decide to erase their entire history just because you feel like it. Oh and the fun part? if you want to save your profile there isn’t that option in the prompt it’s just quit and the browser doesn’t.

    Say what you will about any of the other browsers out there but none of them ever pulled some evil shit like this.

    I’m doing my best not to cry but I think I’ll breakdown later today. Today I raged uninstalled the piece of crap that firefox turned into and I will never look back.

    Let it fucking RIP, it deserves it!

    1. Dumbledalf said on October 28, 2019 at 5:16 pm
      Reply

      @Some Guy,

      For me Firefox died in 2011 when they released Firefox 4.0 with its ugly, bloated UI that was limited in terms of customization and simply wanted to copy Chrome’s tabs on top layout. People had to install add-ons like Classic Theme Restorer in order to get get back their old more customizable UI.

      And since then the only thing Mozilla ever did was keep dumbing down Firefox until in 2017 they released Quantum and Firefox finally became like Chrome’s deformed and crippled twin.

      Now Firefox has absolutely nothing going for itself and the only thing Mozilla keeps doing is changing the colors of the logo and icon every year with a more idiotic one each time until it makes you want to puke when you look at it. The other thing they keep doing is adding some questionable privacy features and keep bragging about them.

      Firefox is now coming to an end – slowly dying because of its creators’ severe ineptness and incompetence until it finally dies, gets abandoned and the company shuts down or switches to developing some cloud service crap.

      I’ve tried Firefox recently, but the browser is so slow, even with tracking turned off, it still loads websites a lot slower compared to Blink-based browsers. And I’m not talking about how Firefox’ market share is so low that web developers simply can’t be bothered to write a few lines of code to support it properly, but the fact that the browser itself, it’s rendering engine or whatever is just garbage. Even if Firefox had 90% market share on every platfrom, Blink browsers would still load a lot better and faster than it.

      And that part where Chrome and other Blink-based browsers are memory hogs while Firefox isn’t is completely opposite from my experience. It’s actually Firefox that uses more memory and Blink browsers using less. I’ve tried this with Opera, Chrome, Brave, in comparison Firefox and Waterfox are a joke that’s not even funny.

    2. ShintoPlasm said on October 28, 2019 at 3:17 pm
      Reply

      Is it also possible that it saved your old profile to a folder on your Desktop, same as it does when you do a Refresh?

      1. Some Guy said on October 28, 2019 at 3:20 pm
        Reply

        Nope, nothing on my desktop. Thanks for the help though.

      2. Paul(us) said on October 28, 2019 at 4:27 pm
        Reply

        Some Guy,
        Why dont u use the free backup program for Firefox called mozbackup than this will never happen?

      3. Some Guy said on October 28, 2019 at 5:51 pm
        Reply

        For the same reason people don’t store their personal journals in stranger’s homes.

        I know that I should have had saved backups, that is on me.

        But wiping almost a decade worth of browsing and tabs on whim without any kind of notice is on them and really what the issue is.

        I shouldn’t have to save every 5 minutes out of fear that a company decides to wipe me out with an update.
        And doing so is just using terrorism in promoting your sync or cloud services and pressuring me to use a service I don’t want to use or need to…

      4. Muhammad Firza said on December 6, 2019 at 12:29 pm
        Reply

        Yeah, firefox since version 70 to present become a chrome-alike, bad features, more privacy & security features and really disappointed, depressed, imprisoned for former http sites visitor, and reluctant.

        Why, should mozilla stop removing/changing features like http flagged as ‘not secure’ & green padlock reverted to darkish gray padlock on https.

      5. lm said on October 28, 2019 at 5:35 pm
        Reply

        I made same mistake by updating Firefox 70 to 71. Lost Old profile. Using Windows restore point I was able to restore old profile wita Old version

    3. Martin Brinkmann said on October 28, 2019 at 2:55 pm
      Reply

      Try starting Firefox with the -p parameter to see if the old profile is still there.

      1. Some Guy said on October 28, 2019 at 3:18 pm
        Reply

        Oh and thank you for the help, please excuse my poor manners but my head is just gone right now :|

      2. Some Guy said on October 28, 2019 at 3:15 pm
        Reply

        I f you could please provide a link to a tutorial or how may I go about it I would be most grateful :)

        I’m still in shock… But on the other hand Falkon browser is great! :D

  13. David said on October 28, 2019 at 2:23 pm
    Reply

    So these modifications should be made only on 70 browser, not before?

    1. Martin Brinkmann said on October 28, 2019 at 2:56 pm
      Reply

      Yes David, Mozilla made the switch in Firefox 70.

      1. David said on October 28, 2019 at 4:30 pm
        Reply

        Ok, thank you.

  14. Anonymous said on October 28, 2019 at 1:28 pm
    Reply

    ”Do you check the status of the connection in your browser of choice?”

    Very often but not every time. For example his site uses TLS 1.2, certificate authority is GlobalSign. Useful tips, but more work for me. I had to check each browsers configs.

    1. pHROZEN gHOST said on October 28, 2019 at 5:45 pm
      Reply

      If you are really paranoid, you may want to read through each site’s source code to look for “nasty stuff”.

    2. Anonymous said on October 28, 2019 at 2:25 pm
      Reply

      Correction: This site.

  15. Yan said on October 28, 2019 at 1:18 pm
    Reply

    An ad for a spamming service on Nirsoft? Not nice. :-(

  16. pd said on October 28, 2019 at 12:10 pm
    Reply

    Browser vendors creating unnecessary user anxiety through dumbing down the interface. Bad form. Disappointing.

  17. TellTheTruth said on October 28, 2019 at 11:30 am
    Reply

    The claim that nirsoft[.]net is not secure is remarkable. Also, HTTPS does not make a Web site more secure (just look at the number of phishing sites using HTTPS) and even traffic over HTTP may be encrypted.

    1. Gareth said on October 28, 2019 at 6:51 pm
      Reply

      @TellTheTruth

      Try taking out the S from the end of HTTPS for the nirsoft website URL

    2. anon said on October 28, 2019 at 6:33 pm
      Reply

      You’re confusing security and safety.

    3. John Fenderson said on October 28, 2019 at 3:49 pm
      Reply

      @TellTheTruth:

      OK, here’s the truth, then — HTTPS does make interactions with a web site more secure. This is simply objective fact. It increases security by both encrypting the datastream and by offering something more than nothing in terms of validating the site you’re on is the site that you think you’re on.

      HTTPS does not eliminate all vulnerabilities. Nothing can. But to imply that because a security mechanism isn’t perfect means there’s no point to using it is simply illogical.

  18. Mozinet said on October 28, 2019 at 9:38 am
    Reply

    “removed the EV certificate information from the browser entirely.”

    The EV certificate information is shown in the address bar control center.

    1. Martin Brinkmann said on October 28, 2019 at 1:03 pm
      Reply

      Right, I meant to say browser’s address bar. Changed it, thanks!

  19. Alfred said on October 28, 2019 at 9:08 am
    Reply

    Thank you so much for this Martin.

    As someone working in digital marketing, I never understood why Google first (and rest that followed) removed the green lock. Who did it harm?

    Especially EV Certificate lock – which gives the user an instant understanding of who he/she is dealing with and from where.

    It’s nonintrusive.

    1. anon said on October 28, 2019 at 5:53 pm
      Reply

      HTTPS is the norm so the idea is to identify what is not. And EV certificates are snake oil so this is another step to demote them.

      Actual security is more important than old bad habits and mis/disinformation.

  20. happysurf said on October 28, 2019 at 8:44 am
    Reply

    Great tip Martin, works also with themes.

    1. perknh said on May 4, 2022 at 9:10 pm
      Reply

      Hi Martin,

      Thank you for sharing this little trick. It has certainly been helpful the last several years, but now we’ve hit version 100 of Firefox and this option is no longer available to us. Do we have to throw in the towel now, or is there another way to available to us to get our favorite little green padlock icon back?

      Thanks so much,

      perknh

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.