Google Chrome, the web browser with 56.8% of the market share, will start labeling all sites as “Not secure” if they’re served without HTTPS and contain any input fields.
In January of 2017, Google Chrome version 56 started showing “Not secure” warnings in the URL bar for web sites that were served over HTTP that contained password or credit card fields.
Google is upping the ante come October of 2017 with the release of version 62. The browser will show “Not secure” next to the address bar of any web page that is served without TLS/SSL protection that contains any type of input field, even a search field.
Web browsers, like Internet Explorer, Mozilla Firefox, and Safari use the HTTP protocol to communicate with the web servers that deliver the web sites to our devices. When this HTTP protocol is wrapped in TLS/SSL it’s referred to HTTPS, where the “S” stands for “secure”.
When web browsers communicate over HTTP, the communications can be intercepted by anyone in between the browser and the server, which is the wild west known as the internet. When browsers use HTTPS, point to point encryption is used so that the interception can only occur outside of that area.
Out of the top 1,000,000 web sites, only about 9% of them are using HTTPS. If we assume that these sites are better-maintained than the rest, then it’s highly likely that only a tiny portion of the web is using encryption to ensure your privacy. Google has done research that gives us hope though. Due to the most used sites using HTTPS, approximately 75% of the world’s web traffic is secure.
Google has promised that soon they will treat all sites immediately with a red “Not secure” with a triangle warning icon with an exclamation mark if they’re not using HTTPS.
Upgrading to HTTPS
We roll all of our new sites out with HTTPS. Not only does it offer some privacy protection, but Google will rank a site higher in organic searches if the site is using it and its competitors aren’t.
Securing your web site isn’t as hard or expensive as it used to be. A secure site used to mean high yearly fees for a single root certificate and renewal maintenance. Chained certificates can now be acquired for free, and many web hosting control panels will handle the renewal maintenance automatically.
Contact us if you need help securing your site. We’d be happy to secure your site like ours.