Google is going to make a major push starting next year to get websites to better protect users and rely more on encryption by flagging plain HTTP connections as insecure in Google Chrome, which is undoubtedly the most widely used internet browser in the world. Naturally, this will give site operators cause to finally move on from HTTPS to technologies that make the browsing experience safe for their visitors.
Google has confirmed that it’s going to flag plain HTTP connections as insecure with the release of Chrome 56 in January 2017. Initially, Chrome 56 is going to flag these connections as “not secure” when they are accessed in Chrome’s Incognito mode.
The company’s data shows that almost half of the billions of pages that are loaded by its users are encrypted using HTTPS and that websites are increasingly adopting this advanced security protocol, however, a lot more needs to be done to ensure that almost all websites use HTTPS to secure connections.
Chrome is eventually going to display the warning for all HTTP pages and will also swap the security indicator to a red triangle which it currently uses for broken HTTPS connections.
“Studies show that users do not perceive the lack of a ‘secure’ icon as a warning, but also that users become blind to warnings that occur too frequently,” writes Chrome Security Team member Emily Schechter in a blog post.