Judgement Day: Google Chrome 68 Launches Marking All HTTP Sites As 'Not Secure'

by Brandon Hill — Tuesday, July 24, 2018, 11:13 AM EDT

Judgement Day has arrived for site operators that haven't fully switched over to HTTPS. Google Chrome, the world's most popular web browser, has been updated to version 68. And with that upgrade, sites that still rely on plain HTTP will be marked as "Not Secure" within the browser.

With Chrome 67 and earlier versions of Chrome, accessing a website that has fully embraced HTTPS will show a closed lock icon and the word "Secure" in green in the address bar. Visiting a site that still uses HTTP would show an "i" icon in the address bar. Clicking on the "i" would present the following prompt: "Your connection to this site is not secure".

With Chrome 68, Google lays it all out for everyone to see by presenting a "Not Secure" message beside the "i" icon. In a way, it's like Google is publicly shaming these websites to shift to HTTPS encryption.

"Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default," wrote Google in a February blog that foreshadowed today's Chrome 68 release. "HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP."

At the time, Google said that over 68 percent of Chrome traffic on Android and Windows was protected by HTTPS, while that figure surpassed 78 percent on Chrome OS and macOS. In the past 5 months, we can only assume that those numbers have ticked upward as sites scramble to avoid getting branded as "Not Secure" by Google.

In addition to the mark of shame that comes from not using HTTPS, Google also penalizes non-secure websites in its search rankings. That fact alone should be enough incentive for sites to accelerate the move to HTTPS.

Starting with Chrome 69, Google will change how it displays "positive security indicators" for websites using HTTPS. Instead of the green lock with "Secure" text, Chrome 69 will instead simply show a standard lock icon in the address bar beside the website URL.

Then, with Chrome 70, the "i" icon with the "Not Secure" label will switch to a red "Not Secure" warning when you start entering in data on an HTTP website. All of this back and forth seems a bit confusing at first, but it appears that Google is marching towards a more unified presentation to allow users to be better informed about security profiles of the websites they visit.

Tags: Google, HTTP, HTTPS, (nasdaq:goog), google chrome, chrome 68

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.

Which New GPU Is For You?

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now