Chrome 68 will start displaying a “Not Secure“ warning for any webpage that isn’t secure. Learn why Google is making this update and get the essential information to prepare for the change.
In July 2018, Google will release Chrome 68, which will significantly change how many websites are displayed in the popular browser. Google Chrome 68 will start displaying a “Not Secure” warning for any webpage that isn’t secure (HTTPS).
Google Chrome is the desktop browser of choice for about 67% of internet users worldwide, so any change Chrome makes impacts a lot of users.
All browsers currently mark HTTPS pages (urls that start with https://) as “Secure” with a marker that looks something like this:
Google Chrome and Mozilla Firefox currently mark HTTP pages (urls that start with http://) as “Not Secure”, but only if the page collects passwords, credit cards, or other confidential data. Here’s an example from the ESPN login page:
If the HTTP page doesn’t ask for confidential data, Google Chrome and Mozilla Firefox currently don’t show any security marker:
Starting in July, Google Chrome will show an explicit “Not Secure” message on all HTTP webpages, whether they ask for confidential data or not. HTTP pages will be displayed like this:
Only about one-quarter of small websites use HTTPS by default, so users will see a “Not Secure” message on most websites starting in July (unless many websites switch to HTTPS before then). Most users will probably just ignore the “Not Secure” label, especially if they aren’t entering financial information. (The ESPN login page has been showing “Not Secure” in Chrome and Firefox for quite awhile now, but millions of people still visit the site every month.)
But some users will likely be concerned and/or start avoiding websites with the “not secure” label. Additionally, Google has explicitly stated that they’re making this change because they want webmasters to make the switch to HTTPS. When Google says they want webmasters to do something, it’s usually a good idea to do it because Google has a significant influence on your website’s success. Fortunately, it’s not too difficult to make the switch to HTTPS.
Google explains that this change is designed to make “the web safer for everyone”. There are a couple ways that HTTPS improves safety online:
There’s another important reason Google is making this change: moving the entire web to HTTPS stops ISPs from changing the ads that users see on web pages. (Some ISPs display their own ads to their customers as an extra revenue stream.) Google made over $95 billion of revenue from ads in 2017, and an encrypted web will block ISPs from siphoning off bits of Google’s ad revenue.
It’s important to remember that HTTPS only serves to protect the connection between the user and the website. Many users assume that the “Secure” label means all security factors have been taken care of. Not really. HTTPS doesn’t protect users from hackers or malware spying on their computers, and it doesn’t protect the website itself against hackers, data breaches, or other threats. For users and site owners alike, HTTPS is just the first step towards good web security.
This change is a great opportunity to go ahead and switch your entire website to HTTPS. Your site will get several benefits from making the leap:
To make the switch, you’ll need to install an SSL certificate on your website, then switch all your URLs from HTTP to HTTPS.
If you’re like most marketers, the idea of changing your website URL is about as scary as jumping off a 30’ cliff without knowing if there’s water or rocks below. Visions of lost SEO rankings and crashing visitor counts probably fill your head as you contemplate the possibility.
While there’s always a small risk involved in changing URLs, following these steps will dramatically reduce the risk of any negative side effects:
<http://en.ryte.com/_themes/default/imgs/magazine/ryte_mgzn_wg.svg" alt="RYTE Magazine" id="mgzn_logo">
<https://en.ryte.com/_themes/default/imgs/magazine/ryte_mgzn_wg.svg" alt="RYTE Magazine" id="mgzn_logo">
If you don’t make this change across all files on your site, visitors will get an insecure content warning. Ryte makes it easy to identify HTTP pages. In the “What is indexable?” tab HTTP pages are marked with a red crossed out padlock.
Google has given website owners plenty of time to prepare for this update, and being 100% prepared for it will only take a couple hours for a typical site. With just a bit of preparation, webmasters shouldn’t notice any big impacts when Google Chrome 68 rolls out!
Easily migrate to HTTPS with Ryte FREE
Published on 05/11/2018 by Adam Thompson.
Adam Thompson is a digital tech enthusiast with 15 years of experience in SEO, analytics, web development, ecommerce, and other web technologies. He currently works as SEO / SEM manager at ComodoSSLStore, where he works to make it easier for any website to implement cybersecurity best-practices.