Skip to main content.
Link to CEFCU Home Page

If you are using a screen reader or other auxiliary aid and are having problems using this website, please contact us at 1.800.633.7077.

Visit our accessibility help page.

Online Security

  • What do I do if I'm having trouble using a website with mixed content?

    Visit your Web browser's website to get up-to-date instructions on changing your settings to view mixed content.

  • What does it mean when I have both secure and non-secure (mixed) content?

    When a Web page tries to display elements using both secure (HTTPS/SSL) and non-secure (HTTP) Web server connections, you may get this message. This can happen with online stores or financial sites that display images, banners, or scripts coming from a server that is not secured.

  • Is there a way I can increase the safety of online transactions?

    Just as when you complete financial transactions in a public place, there is no guarantee of safety on the Web. Use only websites you know and trust, and visit our Security Center for tips on protecting your identity.

  • Why am I being prompted to change my password? Is this safe?

    To help you protect your account, CEFCU On-Line® may prompt you to change your password at any time. Remember, your security phrase and image are there to verify that you are on CEFCU's server, so it is safe to do this.

  • Is a website safe to use if it has secure transactions?

    Encrypted connections are not a guarantee a website is safe to use. A secure connection only assures you of the identity of the website, based on the information provided by the certifying organization. Only provide personal information to a website you know and trust.

  • What should I do if I think a website is trying to mislead me about its identity?

    If you believe a site is attempting to mislead you about its identity, contact the certification authority whose name appears in the certificate and in the Security Status bar.

  • What is encryption?

    Encryption is a means of making data unreadable to everyone except the recipient of a message. For instance, it is used to make the transmission of credit card numbers secure if you are shopping on the Web.

  • What is a secure connection?

    A secure connection is an encrypted exchange of information between a website and a Web browser. Encryption is provided through a document called a certificate, which is provided by a website. When you send information to the website, it is encrypted at your computer and decrypted at the website.

    Even with encryption, it is still important you only transact with trustworthy websites because your privacy can still be compromised by the way the website uses or distributes your information.

    To help ensure your financial information remains safe and secure, CEFCU uses 128-bit secure sockets layer (SSL) encryption, monitors and constantly updates systems, and utilizes multiple security layers and strong business practices.

  • How can I tell if I have a secure connection?

    The symbols of a secure connection vary from browser to browser. For example, in the most current versions of a number of Web browsers — Internet Explorer 7.x, Firefox 2.x, Safari 3.x, Opera 9.x — you will see a lock icon in the Security Status bar, which is located to the right of the Address bar. Check your browser's website for the most current details on security connection symbols.

  • Why do I see different colors in the Address bar?

    In some browsers, when you visit a website that uses a secure connection, the color of the Security Status bar indicates whether the certificate is valid; and it displays the level of validation that was performed by the certifying organization.

    Color Indications
    Red: The certificate is out of date, invalid, or has an error.
    Yellow: The authenticity of the certificate or certification authority that issued it cannot be verified. This might indicate a problem with the certification authority's website.
    Green: The certificate uses extended validation, which means communication between your browser and the website is encrypted and the certification authority has confirmed the website is owned or operated by a business legally organized under the jurisdiction shown in the certificate and on the Security Status bar. The certification authority makes no assertion about the business practices of the website.

  • How does EV SSL compare to SSL?

    EV SSL stands for Extended Validation SSL, which sets the security standards higher for websites. These new standards were put in place to create an even stronger defense against fraud.

    The new EV SSL Certificate is a "higher security" certificate. It is only issued when the Certificate Authority, through more rigorous validation, can:

    • Establish the legal identity, as well as operational and physical presence of the website owner.
    • Ensure the website owner has exclusive control over the URL.
    • Confirm the identity and authority of the individuals acting for the website owner and receive signed documents pertaining to legal obligations by an authorized officer.

    When updated browsers, such as Internet Explorer 7.x and Firefox 2.x, encounter an EV SSL certificate, a special visual indicator displays in the browser window to communicate the presence of an EV SSL certificate. With the updated browsers, sites with an EV SSL certificate will cause the URL address bar to turn green and will toggle between the business and Certificate Authority name.