Chrome 68 marks all HTTP websites as Not Secure
Google announced yesterday that the company's web browser Google Chrome will mark HTTP sites as insecure in Chrome 68 Stable.
The current stable version of Chrome displays an i-icon next to the website address if the site uses HTTP and not HTTPS. HTTPS sites are marked as "secure" in the web browser currently.
Chrome users who click on the icon receive the message "your connection to this site is not secure" and that they should not enter any sensitive data because it can be stolen by attackers.
Google Chrome marks some HTTP sites as not secure already. This is the case for web pages that have password or credit card number fields. Websites with these fields are marked as not secure by the browser since Chrome 56 released in January 2017.
Google Chrome 68 will mark any HTTP site as insecure. Google plans to release Chrome 68 Stable in July 2018.
Webmasters have until then to migrate their sites from using HTTP to HTTPS. Google gives sites that use HTTPS a small boost but that becomes less of a factor as more and more sites start to use HTTPS.
Visitors trust in sites that use HTTP may drop however because of the "not secure" attribute displayed in the browser.
Google notes that 68% of all traffic on Android and Windows, and 78% of all traffic on Chrome OS and Mac OS X is protected by HTTPS already and that the numbers increased significantly in the last year.
Chromeâ€™s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default. HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP.
Chrome users who run development builds can enable the functionality right now in the browser. Just load chrome://flags/#enable-mark-http-as in the browser, click on default and set the preference to enabled. Some development versions of Chrome show the "not secure" flag automatically.
Now You: How do you handle HTTP sites?