I got a similar message when logging in on Firefox.
Use IE or Edge.
It’s been addressed here, several times.
Maybe, if Jim is on line, he’ll explain the issue, one more time.
I found one of the links where Jim explains the issue.
“The problem is that Google, and now possibly Firefox, are deprecating their support for industry standard SHA-1 certificates:
https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html
John will eventually install a new SHA-2 certificate after he works out a couple other pressing issues, meanwhile, our SHA-1 certificate is current and is still valid (despite Googles warning message) and our secure server continues to encrypt our transactions as before.
You can click Advanced at the bottom of the warning message and override Googles erroneous Not secure message.
Or you can try a browser like Edge (default browser delivered with windows 10) and it works fine without the warning message.
Thank you very much.”
http://www.freerepublic.com/focus/bloggers/3531442/posts?page=7#7
Further info:
“Now that you have the appropriate background, we can get on to the star of the show.
“As I said earlier, SHA stands for Secure Hashing Algorithm. SHA-1 and SHA-2 are two different versions of that algorithm. They differ in both construction (how the resulting hash is created from the original data) and in the bit-length of the signature. You should think of SHA-2 as the successor to SHA-1, as it is an overall improvement.
“Primarily, people focus on the bit-length as the important distinction. SHA-1 is a 160-bit hash. SHA-2 is actually a family of hashes and comes in a variety of lengths, the most popular being 256-bit.
The variety of SHA-2 hashes can lead to a bit of confusion, as websites and authors express them differently. If you see SHA-2, SHA-256 or SHA-256 bit, those names are referring to the same thing. If you see SHA-224, SHA-384, or SHA-512, those are referring to the alternate bit-lengths of SHA-2. You may also see some sites being more explicit and writing out both the algorithm and bit-length, such as SHA-2 384.
“The SSL industry has picked SHA as their hashing algorithm for digital signatures. From 2011 to 2015, SHA-1 was the primary algorithm. A growing body of research showing the weaknesses of SHA-1 prompted a revaluation. From 2016 onward, SHA-2 is the new standard. If you are receiving a certificate today it must be using that signature at a minimum.
“Occasionally you will see certificates using SHA-2 384-bit. You will rarely see the 224-bit variety, which is not approved for use with publicly trusted certificates, or the 512-bit variety which is less widely supported by software.
“SHA-2 will likely remain in use for at least five years. However, some unexpected attack against the algorithm could be discovered which would prompt an earlier transition.
My Fire Fox did that too on FreeRepublic and I emailed Jim Thompson, oops I mean Jim Robinson a few weeks ago.