Chrome Will Start Marking All HTTP Sites as ‘Not Secure’
Google recently announced that all HTTP websites will be marked as “not secure” on the latest version of its Chrome browser – Google Chrome 68. At present, you may notice that HTTP websites are usually accompanied by a neutral information icon, but once the mentioned changes come into effect, Chrome will feature a separate warning icon on the site’s address bar.
It’s important to note here that this change is long overdue and has been expected for a long time. Back when Google released version 62, Chrome came with a “Not Secure” warning for all HTTP sites with payment card and password fields. Currently, Google Chrome uses a “Secure” sign with a green lock character to show that the site you’re visiting is safe. Not only that, but since 2015, Google has been steadily downgrading all unencrypted websites in its efforts to encourage users to only visit and interact with safe websites. Also, unencrypted password fields are treated with the same down-ranking measures too.
By introducing these clear signals to alert users of safe and unsafe websites, Google is trying to protect its users from unsafe and unencrypted sites, and this includes marking all HTTP-encrypted websites as “not safe.”
Also, Google is not the only internet browser to punish HTTP websites, as Mozilla did something similar towards the end of 2017 when they announced that their Firefox browser would display a “not secure” sign next to all HTTP-encrypted websites.
Why Is Google Doing This?
Apparently, the move was motivated by the fact that a large majority of websites are already encrypted and use HTTPS instead of HTTP. This is great news for internet users because when you visit a website with HTTPS encryption then you can rest assured knowing that no hackers or third parties can peep into your activity while you’re on that site. Plus, you can browse freely knowing that all the information you share on an HTTPS site is fully protected.
On the other hand, HTTP websites don’t have that type of security and instead, they expose you to third-party intrusion. In fact, visiting a non-safe website means that anyone can just come in and access your ISP or router, and they’ll even be able to infect your browser with malware or hack into certain accounts and post as you.
Needless to say, Google’s commitment to double down on HTTP websites is a welcome announcement, and it’s good to know that HTTPS encryption can be easily applied using programs like Let’s Encrypt, which does it for you automatically.
However, to make the migration to HTTPS even easier, Google has introduced its own service called the Lighthouse. The Lighthouse tool will make it easier for website owners to check if their site is HTTPS encrypted and if not, it will provide them with the tools needed to encrypt it for safety.
In a nutshell, implementing HTTPS encrypting is so effortless and easy that webmasters and business owners simply have no excuse but to do it, for their own sakes and for the sake of their site visitors.