I can teach my computer illiterate grandma simply "never do email unless the address bar is green", she can remember that.
As opposed to: Never do email unless unless the address bar is green, except when:
- It's the first time you visit the web site
- You use another browser
- You bought a new computer/tablet/phone, reinstalled your computer etc.
- You accidentally cleared your browser history
- You are on a public wifi the very first time you visit a web site.
- The website changed their certificate since last time you used it.
- You happen to be unlucky and even at home you are under a MITM-attack the very first time you visit the page.
The last bullet is especially troublesome because even a programmer would have a hard time to judge that one.
As opposed to: Never do email unless unless the address bar is green, except when: - It's the first time you visit the web site - You use another browser - You bought a new computer/tablet/phone, reinstalled your computer etc. - You accidentally cleared your browser history - You are on a public wifi the very first time you visit a web site. - The website changed their certificate since last time you used it. - You happen to be unlucky and even at home you are under a MITM-attack the very first time you visit the page.
The last bullet is especially troublesome because even a programmer would have a hard time to judge that one.