Accessing MetroConnect

In order to provide your members with a reliable and secure connection to metroconnect, on May 11, 2015 Metro Community FCU will begin disabling access to metroconnect from browsers that do not support SSL versions TLS 1.1 & TLS 1.2.      

Many of you may recall the “Poodle” attack that was announced October, 2014.  With the Poodle attack, a hacker can force your browser to downgrade to an older SSL version (SSL 3.0), which is far less secure than today's SSL standards.  A browser using the 15-year old SSL 3.0 is vulnerable enough to let hackers spy on the data traveling to and from your computer. That means they could spy on your emails, banking or anything else.

After the details of this attack were announced, Metro Community FCU immediately made changes to metroconnect to only allow access from browsers that were using a security protocol of TLS 1.0 or higher.  TLS 1.0 is the next upgrade of SSL Version 3.0.  Since TLS 1.0 has been available on all browser versions for the last 15 years, we were able to make these changes without affecting your membership’s connectivity to metroconnect.

Recent discoveries have now alerted us to some similar potential security risk that may exist within TLS 1.0.  These risks have been addressed with SSL versions TLS 1.1 & TLS 1.2.  However, since these TLS versions have only been available in browsers since 2006, we did not want to simply turn off TLS 1.0 without further research on the usage of your member’s browsers that support SSL versions TLS 1.1 & TLS 1.2.

The chart below shows what Operating Systems and Browsers support TLS 1.1 & TLS 1.2.  As you can see, only Windows Vista and XP system users that use Internet Explorer as their browser will not have the ability to support TLS 1.1 & 1.2.  According to our most recent stats, Windows XP & Vista users using Internet Explorer as their browser represent about 2% of the PC’s that access metroconnect.  However, Microsoft has ended all support for Windows XP and this Operating System is not supported for use with metroconnect.  In order to access metroconnect with TLS 1.0 turned off, the small number of Windows Vista users will need to install another browser such as Chrome or FireFox to continue to access metroconnect.


Enabling SSL Versions TLS 1.1 & TLS 1.2

Please select the browser that you are using to connect to NetBranch:

Internet Explorer:
Open Internet Explorer
Click Alt T and select “Internet Options”.
Select the "Advanced" tab.
Scroll down to the "Security" section.
Locate and check "Use TLS 1.1 and TLS 1.2".
Then, press the "OK" button.

Google Chrome: Download Google Chrome
Open Google Chrome
Click Alt F and select “Settings”.
Scroll down and select “Show advanced settings…”
Scroll down to the Network section and click on “Change proxy settings…”
Select the "Advanced" tab.
Scroll down to the "Security" section.
Locate and check "Use TLS 1.1 and TLS 1.2".
Then, press the "OK" button.

FireFox: Download FireFox

Open FireFox
Type in “about:config” in the URL bar and press Enter
Scroll down to “security.tls.version.max” and press enter
Set the value to 3
Then, press the "OK" button.
Open Opera
Click Ctrl+F12
Click on “Security”
Click on “Security Protocols…”
Check on “Enable TLS 1.1 & TLS 1.2”
Press the "OK" button.
Then, press the "OK" button.
There are no options for enabling SSL protocols. If you are using Safari version 7 or greater, TLS 1.1 & 1.2 are automatically enabled.