URI scheme distinguishes http and https.
HSTS stands for HTTP Strict Transport Security.
This policy forces the use of the HTTPS protocol only.
Session cookies are generally used to store session IDs or access tokens. Once they are exposed or compromised, attackers can impersonate users, or escalate their privileges on your application.
Clickjacking is a compound word of mouse click and hijacking that mean hijacking with mouse click.
Attacker could make the user click on what attacker intended.
CrossSiteScripting (XSS) Protection Policy prevents script that written by attacker deliver to normal user.
With a network packet capture program such as wireshark you can see network packets, but it might be difficult for you to use these programs.
But with our extension you can easily check if the login information is sent as plaintext before network transmission.
Personal information is deleted after the plain text transmission is detected and is not accessible from the extension. You don't have to worry.
More details on how it works are available at https://gitlab.com/savethelogin/savethelogin/wikis/home
We take your privacy as our top priority, No information processed by the extension is stored or transmitted.
Extensions are open source. If the extension is installed in Chrome, the source code is not obfuscated in the Chrome Profile Path.
You should inform the administrator of your site and ask them to apply SSL.