Dear Team,
I have just started seeing the "Not Secure"in the MIT app Inventor when I click on the "Create Apps" to navigate to the website.
So, my students are a little worried about the security.
Warm Regards,
Sunila
2 Likes
See e.g. here:
Hello Sunila
Are you using the Chrome Browser? It tends to moan more than the others put together 
Try FireFox instead.
Thanks Christopher. But, even Firefox is "Not Secure".
The App Inventor 2 Web application is accessed using http; not https. If a web page is not https, most browsers supply a not secure message. AI2 is moving towards https but is not there yet.
The difference between HTTP vs HTTPS is simply the presence of a SSL certificate . HTTP doesn’t have SSL and HTTPS has SSL, which encrypts your information so your connections are secured. HTTPS also has TLS ( Transport Layer Security ) protocol that HTTP lacks. HTTPS is more secure than HTTP.
Not secure is a misnomer; http is just less secure than https. You might read HTTP vs. HTTPS: What's the Difference and Why Should You Care? | Entrepreneur .
1 Like
my webpage address bar shows Not Secure when i sign in to app inventor2
Il sito del MIT sta provvedendo a fare il passaggio da Http verso Https; ma ci vorrà un po di tempo. Comunque posso confermare che il loro sito è sicuro al 100%..quindi puoi stare tranquillo.
1 Like
It's not that big of a problem for me, the thing is, I am not able to connect it to my phone because of this and check it, as it gets stuck at 20%(Establishing Secure Connection) because the connection is not secure, please fix this asap
Check the dozens of other posts about the 20% issue, you are not alone (it has nothing to do with app inventor serving up as http://)
In the beginning I had a secure connection and now it doesn't anymore. Click in google chroom on the "not secure"(like in the picture above) -> site settings -> unsafe content -> allow.
It started when I could not log in in app create.
My assumption is that the certificate is not valuable anymore. But I don't know how to refresh it. I found this in the google settings:
Privacy and security -> manage certificate -> goose to windows certificates (but can't find mit app inventor)
Very unlikely....
There is a test server somewhere that operates as https://, but the main server and code server are and have always been http:// because of the way the application works.
I now see the login site is secure, maybe it was that. I did a security check in my google account and after loging in and out it get stuck again.
Now the solution is "use legacy connection"
link
But after closing down I need too reset the connection. Is this normal?
It does react on changes I have mad soo thats good for now.
This is an issue again. Is this a problem with certificate renewal, or was this never implemented?
Is it stopping you from developing in App Inventor ?
As repeated, the App Inventor URL starts with http:// without an s. So, some browsers (including Chrome) show that the website is unsecure. It shouldn't stop you from app developing if you have access to Google's server.
I thought that must be outdated and that HTTPS had been implemented, because I usually notice "Not secure" in the browser. Maybe my recollection about AI2 is wrong and it's never been supported, I just missed it.
A bit surprising that MIT would allow it from a corporate point-of-view. Let's Encrypt provides free certificates (other providers may be available.)
and also see post #13