SSL Chrome

Google: Chrome will mark HTTP sites Not Secure

Google are making changes.

Google takes website security very seriously and in their version of the popular web browser, Chrome 62 coming out in October 2017,  will show non-secure websites (HTTP) with a label marked ’Not Secure’, when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.

form-and-incognito-http-bad-verbose

Treatment of HTTP pages in Chrome 62

Taken from a blog from Google back in April, they say:

Our plan to label HTTP sites as non-secure is taking place in gradual steps, based on increasingly broad criteria. Since the change in Chrome 56, there has been a 23% reduction in the fraction of navigations to HTTP pages with password or credit card forms on desktop, and we’re ready to take the next steps.

Passwords and credit cards are not the only types of data that should be private. Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the “Not secure” warning when users type data into HTTP sites.”

The blog post finishes by reminding people that eventually the “Not Secure” warning will show on all pages without an SSL and not to delay moving over to HTTPS:

Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS! HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. Check out our set-up guides to get started.

Not sure what an SSL is? Read our helpful blog explaining what an SSL is