Google Set to Shame/Flag HTTP “Non-Secure” Sites
Google’s security experts promise that with the rollout of Chrome 68 sometime in July, it will begin an unflattering flagging of website that haven’t adopted to more secure protocols by adding secure HTTPS encryption.
“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “Not Secure,” states Google Chrome Security product manager Emily Schechter in a Feb. 2018 blog titled “A Secure Web is Here to Stay!”1
What Brought About This Google-Behemoth Beat-Down?
Honestly, you would have had to been asleep under a rock for nearly a decade to miss the bread crumbs Google has left behind warning web specialists of the changes to come. Let’s look at some of the developments that brought on this landmark shaming or flagging of “Un-Secure” websites:
- This web specialist can recall as far back as the early 2000s during the e-commerce boom, when auction, buyer, and seller websites were just emerging, and how businesses were looking for secured ways to make transactions across the Internet. This required programmers to write code and develop websites that were encrypted from the moment a client logged in. There was also the great quest to make all transactions encrypted and safe from tampering. Digitally encrypted signatures also came into fashion.
- Likewise, Google has encouraged web developers to stay away from launching unencrypted websites for years.
- In 2015, Google began to down-rank unencrypted websites.
- In 2016, Google rolled out Chrome 56, which marked HTTP login pages as “not secure” in a field next to the URL. Login pages are especially vulnerable, if not secured, because that’s where hackers can get your username and password.
- Building to secure standards also fights against the rampant Web viruses and corrupt content lurking out on the Internet. In fact, it was recently announced that WordPress has been responsible for 83% of the infected content management systems.2
- By virtue of developing to higher standards, Google has in return rewarded HTTPS websites with higher ranking and better organic search visibility.
Is The Transition to HTTPS Gaining Acceptance?
Well, at Epic Web Results we convert all our roll-on projects to “Secured” websites with HTTPS compliance. This practice keeps everything from logging in at Point A secure to visiting and conducting business at Point B somewhere across the Internet. Here’s more proof HTTPS is becoming the norm:
- More than 68% of Chrome usage from Android and Windows is now secure
- More than 78% of Chrome usage on Mac and Chrome OS is now secure
- Of the Top 100 websites on the Internet, 81 are HTTP compliant
Once Chrome 68 hits the Web, users will see any antiquated website still using an HTTP connection with “Not Secure” in the browser’s omnibox – the field that displays URLs and can also be used to enter new keywords for searches.
If you haven’t made the transition from un-secure to an encrypted connection, then we might suggest using Google’s free auditing tool, Lighthouse, to determine what website content is still using HTTP. Obviously, a secure website will have improved performance and allow you to integrate new powerful tools and features that come from Google and others.
1“A secure web is here to stay” published in Google Security Blog, Feb. 2018.
2“WordPress Security As A Process” published in Smashing Magazine, June 2018.