Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

Google Chrome Will Mark All HTTP Pages as “Not Secure” From July 2018

Starting July 2018, Chrome Will Warn Users Upon Visiting Non-HTTPS Sites

In the past year or so, Google Chrome has upped its game against insecure HTTP and has made various security-related UI changes. It hasn’t been long before Google introduced warnings for HTTPS sites that have text input fields. Now Google has taken the ultimate step, and it’s going to mark ALL HTTP sites as “Not Secure.” Many security experts were crying out for this move for a long-long time, and their wishes are set to be fulfilled beginning this July.

This change is set to be materialized with the launch of Chrome 68, expected to be publicized in July 2018.

Emily Schechter, a Chrome security product manager, announced this on Google’s official blog.

“For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure.“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as ‘not secure,” she writes.

Google’s Crusade against HTTP: The Timeline

Google kicked off the ‘HTTPS Everywhere’ campaign in 2014 with the announcement of favoring HTTPS sites in search rankings. Since then, Google hasn’t looked back and has made every move that we could have asked for.

  • 2018: Google announces to label all non-HTTPS webpages as “Not Secure”
  • 2017: Google launches “Not Secure” warning for non-HTTPS pages with text input fields
  • 2016: Google introduces Certificate Transparency
  • 2015: Google restricts specific Chrome features to HTTPS only
  • 2014: Google announces ranking benefits to HTTPS sites

What is HTTPS?

HTTPS stands for ‘Hyper Text Transfer Protocol Secure,’ and HTTP stands for ‘HyperText Transfer Protocol.’ The difference, as you can see, is regarding security. HTTPS is a cryptographic protocol that establishes an encrypted connection between a web browser and a web server so that no malicious 3rd party can eavesdrop and tamper with the data.

When it comes to transferring sensitive details such as credit card details and passwords, the significance of HTTPS is substantially elevated.

The Not Secure Warning

If you happen to have an HTTP site, you need to see this. This is how the “Not Secure” warning is going to scare your visitors:

google-chrome-will-mark-all-http-pages-as-not-secure

How to Shift to HTTPS?

To migrate your website from insecure HTTP to encrypted HTTPS, you’ll need to install an SSL certificate. This certificate consists of cryptographic algorithms and ciphers that encrypt every bit of information transmitted. Once you install an SSL certificate on your site, your site will be equipped with visual indicators that vouch for your website security. These signs include HTTPS prefix, a padlock and a site seal. If you purchase an advanced SSL certificate, you can even display your organization name.

Concluding Thoughts

There was a time when SSL certificates were considered to be a luxury rather than a necessity. Not, the tables have turned. Whether you run a blog with a hundred followers or run a company worth a hundred million, you need an SSL certificate. If you have a website, you need an SSL; it’s as simple as that!

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More