Is my bank login going out encrypted?
I'm responsible for Emergency Management in our organization. I used to be in the computer industry so am familiar with lots of "stuff" but in internet security I'm pretty new. Unfortunately, I know more about it than any of my co-workers and they're asking questions about traveling overseas, wireless access and security.
I've begun reading all the newbies items here and can tell this is going to be a great resource but I have an immediate need I'm hoping someone will have a suggestion or two for.
The immediate problem is some of our guys want to do online banking while they're traveling and use free wireless access points when they can. I went to the login page on our bank site (which is the splash page), looked in the address bar and noticed it said http: instead of https:. To me, this means the login name and password is going out unencrypted.
I called the bank and the person I spoke to said that the login part of the page was encrypted though the rest of the page wasn't. Actually, she said the name wasn't but the password was encrypted. If what I read is correct, this is possible but I'm a little suspicious and would like to prove it to myself because a lot of guys are overseas using whatever access points for their banking with little or no knowledge of the dangers (cringe).
So, my questions are:
-Can I test this on my home computer by doing something like "sniffing" what goes to my wireless router when I hit enter on the login page? What software would I use for that?
-Maybe I'm on the wrong track and should try to determine this a different way like looking at the source code on the page?
Sorry for such newb questions, but I'm not to proud to ask those who have been there, done that and got the t-shirt. Thanks in advance for your wisdom. This just evolved into my lap and I've got folks in 28 countries and I'm all 'a sudden pretty worried.