Security preferences

The security preferences let you manage your certificates, fine-tune security protocols, and be warned in insecure situations.

The default settings work well for normal browsing. Only advanced users with special needs and technical understanding should need to modify these settings.

Learn more about security

Certificates

Personal certificates are used to identify you as the genuine user of your secure Web services, while certificate authorities are used to certify a Web service as secure for you to use.

Most certificate authorities you will ever need are pre-installed with Opera, and personal certificates are automatically installed when required by a secure Web site. These settings are here should you want to delete or fine-tune your certificates.

Deleting certificates

While viewing certificates of either kind, select a certificate then click , to delete the certificate.

Warnings:

If you delete a personal certificate, you will have to create a new personal certificate to use the corresponding Web service again
If you delete a certificate authority, you will need to reinstall Opera or download the certificate from the original provider to restore it

Fine-tuning certificate authorities

You can disable a certificate, thereby disallowing connections to all sites that are certified by the disabled authority. You can do this if you for some reason don't trust an authority anymore.

You can also ask to be warned each time a particular certificate is used.

Security protocols

Security protocols are used to communicate securely with Web servers where sensitive data, such as credit card information, is involved.

Opera supports the most advanced security protocols available today:

Transport Layer Security (TLS) 1.0 - most secure
Secure Socket Layer (SSL) 3.0
Secure Socket Layer (SSL) 2.0

Tip: When you visit a secure Web site, the padlock icon on the address bar turns into a security icon indicating the level of security on the site. Move your mouse over the security icon for detailed information.

Disabling protocols

To disable a security protocol, uncheck the respective checkbox. To access a site which uses the disabled security protocol, simply enable it again.

Disabling ciphers

To disable particular ciphers used by the security protocols, click or . To prevent connections to any but the most secure Web services, click to disable entries indicating less than 128 bits.

Security password

You can set up Opera so that you have to type in a password when using certificates. This will effectively prevent other people from using your certificates, as long as you select a good password and don't write it down anywhere.

You can also specify how often you should be asked for the password. The most secure option is to be asked every time, but the most practical is probably once per Opera session.

Warnings

Submitting forms insecurely to most sites, such as search engines and discussion groups, where no sensitive data is involved, is considered harmless. However, you may want to be warned about unintentionally submitting a sensitive form to a site without security.

Opera's integrated source code validation service involves uploading your local copy of a Web page from your computer to an on-line validator. This is done without any form of encryption. The warning is there by default to prevent you from unintentionally sending a sensitive document over the Net.