Google Chrome Will Soon Warn Users When Visiting Unencrypted Websites
The last thing you want to do is broadcast your bank or other sensitive login credentials for any Nosy Nellie to see. That's why a properly secured website asking for your confidential information uses encryption. Starting soon, Google's Chrome browser will tattle on websites that fail to secure your passwords and credit card details.
There will be a warning when a website using insecure HTTP connections asks for your sensitive data. As it stands, the current version of Chrome (Chrome 53) doesn't explicitly label HTTP connections as non-secure. But beginning in January of next year, Chrome 56 will add the "Not secure" label to HTTP sites that transmit passwords or credit card details. It's part of a broader, long-term plan to mark all HTTP websites as non-secure.
"Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you," Google explains.
Google says that more than half of Chrome desktop page loads are now served over HTTPS. On top of that, since releasing its HTTPS report back in February, a dozen more of the top 100 websites have changed their serving default from HTTP to HTTPS.
HTTPS encrypts data that gets transmitted from your PC to its destination. This makes it far more difficult for hackers to decipher and modify data.
"Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS. We will publish updates to this plan as we approach future releases, but don’t wait to get started moving to HTTPS," Google added. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP."
Google isn't alone in this regard. Apple is pushing for app developers to use HTTPS connections for mobile apps and will make it a requirement by the end of the year.