Earlier this year, the team behind Chrome stated that all HTTP pages will be marked as ‘Not secure’ later on this year, in a bid to encourage even more site owners to move to the more secure HTTPS standard. We now know a little bit more about planned changes to Chrome’s security indicators, including how HTTPS pages will be shown as default pages going forward.
From September 2018 (and the release of Chrome 69), encrypted HTTPS sites will no longer need a green ‘Secure’ indicator, although the padlock icon will remain to assure users that they are browsing a safe domain. Eventually, even this padlock will be removed so that HTTPS pages appear simply as the standard (see above image).
Similar changes are planned for HTTP sites in order to better warn users of a potential risk to their data security. We already know that they will all be marked with a gray ‘Not secure’ notation from July 2018 (Chrome 68). In addition to this, from October 2018 (Chrome 70) the indicator will be made stronger with a red hue and a warning icon when data is entered on an HTTP page (see below). This will hopefully safeguard users even further.
Back in February, Google said that over 68% of Chrome traffic on Android and Windows came via secure HTTPS sites, with an even higher percentage for Chrome OS and Mac traffic. That number can only be higher now as it gets easier for sites to implement and as browsers increasingly encourage it. We’re all able to browse more safely because of it, so let’s hope that percentage keeps on rising.