PASSPORT.GOV.PH | Unsecured govt website alarms netizens

May 22, 2017 - 4:53 PM
The is "NOT SECURE" as of 4:00 P.M., Monday, May 22.

In light of the recent cyber attack that affected hundreds of thousands of computers globally, Pinoy netizens are sounding the alarm of what could be a major cyber security problem for one government website:

As of 4:00 P.M., Monday, May 22, when one visits, a security warning will appear on Google Chrome, saying “Your connection is not private…attackers might be trying to steal your information from www.…”

Apparently, what the website is lacking right now is its SSL Certificate, as it has expired over 11 days ago.

As of 4:00 P.M., Monday, May 22: Screenshot of the website as it appears on Google Chrome.

SSL or Secure Sockets Layer Certificates are “small data files that digitally bind a cryptographic key to an organization’s details.” It is used to secure credit card transactions, data transfer and logins, and browsing on websites such as social media sites.

As for the said government website, which is under the Department of Foreign Affairs (DFA), is frequently visited mostly by Filipinos for information on passport requirements, appointments, and application, thus providing their private personal details on the site.

“NOT SECURE” appears on the URL of as of 4:00 P.M., Monday. May 22.

So what happens when an SSL certificate expires on a website?

If a certificate has expired, the certificate becomes invalid, and visitors to the site will no longer be able to run secure transactions. Having an unsecured website will be vulnerable to cyber attacks or other cyber criminal activities such as identity theft.

Since Thursday, alert netizens have been posting on Twitter about this cyber security issue hounding the website.

Tweet regarding lack of SSL Certificate.

No word yet from the DFA regarding the resolution of this matter.