Google Chrome to mark all non-HTTPS websites "not secure"
While Firefox has been much better lately, Chrome remains the best overall web browser. Quite frankly, it isn’t a very fair fight, as Google essentially has unlimited resources to innovate. Chrome is fast, feature-full, and very secure. It does a great job of delivering the web to consumers while also helping to keep them safe.
Continuing its trend of protecting Chrome users, Google today makes a big announcement regarding web safety. Starting in July of this year, all HTTP websites will be marked as "not secure." This follows the company marking just some sites this way.
"For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as not secure. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as not secure," says Emily Schechter, Chrome Security Product Manager, Google.
Schechter further says, "Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages. The new audit in Lighthouse helps developers find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version."
Google shares the following statistics regarding web traffic.
- Over 68 percent of Chrome traffic on both Android and Windows is now protected
- Over 78 percent of Chrome traffic on both Chrome OS and Mac is now protected
- 81 of the top 100 sites on the web use HTTPS by default
If you are the owner of a website, you should begin transitioning to HTTPS as soon as possible. Why? Besides the obvious security benefits, you don’t want your visitors to get the impression that you are operating a non-secure site. Before you blame Google for causing you grief, please know that the search giant should be commended for this move, as it ultimately helps to better secure the web.