Google Chrome Will Mark All HTTP Pages as “Not Secure” From July 2018
Starting July 2018, Chrome Will Warn Users Upon Visiting Non-HTTPS Sites
This change is set to be materialized with the launch of Chrome 68, expected to be publicized in July 2018.
Emily Schechter, a Chrome security product manager, announced this on Google’s official blog.
“For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure.“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as ‘not secure,” she writes.
Google’s Crusade against HTTP: The Timeline
Google kicked off the ‘HTTPS Everywhere’ campaign in 2014 with the announcement of favoring HTTPS sites in search rankings. Since then, Google hasn’t looked back and has made every move that we could have asked for.
- 2018: Google announces to label all non-HTTPS webpages as “Not Secure”
- 2017: Google launches “Not Secure” warning for non-HTTPS pages with text input fields
- 2016: Google introduces Certificate Transparency
- 2015: Google restricts specific Chrome features to HTTPS only
- 2014: Google announces ranking benefits to HTTPS sites
What is HTTPS?
HTTPS stands for ‘Hyper Text Transfer Protocol Secure,’ and HTTP stands for ‘HyperText Transfer Protocol.’ The difference, as you can see, is regarding security. HTTPS is a cryptographic protocol that establishes an encrypted connection between a web browser and a web server so that no malicious 3rd party can eavesdrop and tamper with the data.
When it comes to transferring sensitive details such as credit card details and passwords, the significance of HTTPS is substantially elevated.
The Not Secure Warning
If you happen to have an HTTP site, you need to see this. This is how the “Not Secure” warning is going to scare your visitors:
How to Shift to HTTPS?
To migrate your website from insecure HTTP to encrypted HTTPS, you’ll need to install an SSL certificate. This certificate consists of cryptographic algorithms and ciphers that encrypt every bit of information transmitted. Once you install an SSL certificate on your site, your site will be equipped with visual indicators that vouch for your website security. These signs include HTTPS prefix, a padlock and a site seal. If you purchase an advanced SSL certificate, you can even display your organization name.
There was a time when SSL certificates were considered to be a luxury rather than a necessity. Not, the tables have turned. Whether you run a blog with a hundred followers or run a company worth a hundred million, you need an SSL certificate. If you have a website, you need an SSL; it’s as simple as that!