Larger companies that monitor for corporate passwords being entered on third-party sites usually use a browser extension that’s force-installed using Chrome Enterprise.
You’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.
dan@upvote.au 12 hours ago
Brkdncr@lemmy.world 12 hours ago
Why do you say usually? It’s not what I do. I MitM every machine.
BrianTheeBiscuiteer@lemmy.world 15 hours ago
This is definitely a thing.
EncryptKeeper@lemmy.world 13 hours ago
Only if the site they’re visiting isn’t using HSTS, but it’s possible
foobaz@lemmy.world 11 hours ago
I don’t think this is correct. HSTS only prevents downgrading.
ShellMonkey@piefed.socdojo.com 9 hours ago
HSTS says it must be encrypted but a proxy will create two connections and look at it clear in the middle. On the other hand cert pinning says it must be a specific cert that breaks the site if decryption is used. Apple is big on doing that for a lot of their site and apps.
fonix232@fedia.io 6 hours ago
Yep, they're not decrypting HTTPS, I've triple checked. But we do have an MDM forced proxy service that does check any non-encrypted traffic...