Chrome starts telling users HTTP sites are not secure


Is your site still using HTTP? Google is releasing Chrome 68 that will begin marking pages not using HTTPS URLs as not secure.

Google, in an effort to move Internet users to a more secure Web, is taking another step with the launch of Chrome 68 for desktops on July 24. Starting the same day, Chrome users who visit unencrypted sites will be given warnings. With the latest version of Google Chrome, all HTTP sites will be marked as ‘not secure’. Google had already given developers over six months to move their sites to a secure connection. Back in February, Google had informed that Chrome 68 will start marking all HTTP sites as ‘not secure’ starting in July.

Instead of the small “i” icon for HTTP URLs, Chrome will add a “Not secure” label of text to that. Here is what it looks like today before users upgrade to Chrome 68. Note, most of those who download Chrome are set for automatic browser updates and thus will be upgraded to Chrome 68 automatically in the future.

It is strongly recommended to upgrade your website to HTTPS URLs and be secure, even if your site does not ask for payment information, logins or other private information. Depending upon the size of a site and scope of the project, a migration from HTTP to HTTPS can be quite an undertaking. Check out the resources below for in-depth guides to making this change on your or your client’s sites, along with resources for validation and dealing with mixed content issues.

Ref: Chrome Enterprise release notes