If your website isn’t secured via HTTPS protocol, you might want to start thinking about it. Starting in July, Google Chrome will begin marking all HTTP sites as “not secure,” according to a blog post published today by Chrome security product manager Emily Schechter.
Currently, Chrome displays a neutral information icon which doesn’t really count against a website that isn’t using HTTPS. Starting with Chrome version 68, the browser will warn users with an extra notification in the address bar that the website is not secure. Chrome currently marks HTTPS-encrypted websites with a green lock icon and a “Secure” sign.
To say we didn’t see this coming is untrue. Google has been inching users away from unencrypted websites for years, but this is the biggest step forward by the company. Google search began down-ranking unencrypted websites in 2015. The following year, the Chrome team implemented a similar warning for unencrypted password fields.
The Chrome team said that today’s announcement was mostly brought on by the fact that there’s been a increased HTTPS adoption by the web. Right now, eighty-one of the top 100 websites on the web use HTTPS, and a strong majority of Chrome traffic is already encrypted too. “Based on the awesome rate that sites have been migrating to HTTPS and the strong trajectory through this year,” Schechter said, “we think that in July the balance will be tipped enough so that we can mark all HTTP sites.”