Chrome will identify all HTTP sites as “not secure”

2 drawn computers on orange background, one with a green lock (locked) one with a red lock (unlocked)
Security / SEO / Thoughts

Starting in July, with version 68 of the Google Chrome browser, all sites running in HTTP will be marked as “not secure”, according to a blog post published by the Chrome security product manager Emily Schechter.  The neutral information icon Chrome currently display will be replaced with an extra notification to warn users, starting with Chrome version 68.  Chrome currently marks HTTPS-encrypted sites with a green lock icon and “Secure” sign.

Google is sending a not so subtle hint to the unencrypted web.

July will be the most forceful hint by Google yet. In 2015, Google search began down-ranking unencrypted sites, and in 2016, the Chrome team instituted a similar warning for unencrypted password and credit card fields.

Screen Capture: Treatment of HTTP Pages in Chrome 64 vs July 2018 Chrome 68 showing "not Secure" in the address bar.
An example of the planned change to the Chrome address bar.

The Chrome team continues to push for an increase in HTTPS adoption and we couldn’t agree more. All sites we have launched since early 2016 have come with an included SSL certificate.

HTTPS encryption protects the channel between your browser and the website you’re visiting. ensuring no one in the middle can tamper with the traffic or spy on what you’re doing. Without that encryption, someone with access to your router or ISP could intercept information sent to websites or inject malware into otherwise legitimate pages.

Contact us today for a security review of your website.