Since Google announced that it will be marking all HTTP pages across the internet as “not secure,” it scared off website owners with categorically unsafe pages considering its impact to traffic and site performance, and as a result, a large number of web pages have started to be migrated to HTTPS to please the search giant, whose Chrome browser is used by more than 50 percent of the internet population. In view of that fact, Google has officially declared that it will soon be taking down the “secure” label on all HTTPS pages, and more security changes in Chrome can be expected later this year.
Emily Schechter, product manager for Chrome Security at Google, says they will be removing Chrome’s positive security indicators in the long run so a website’s default security status is secure and users “will be warned when there’s an issue.” The process will begin in September with the elimination of the “secure” badge in Chrome 69 version but a more rigid measure will be put on the ground in the following month in Chrome 70, which is the placement of the red “not secure” warning when users give out sensitive information on all HTTP pages. She notes that the usage of HTTP websites was “too high” to mark all pages with a strong red warning right beside the address bar, but the tide has changed since its unabated warnings in the last few months. As previously announced, Google will start marking all HTTP sites as “not secure” in July. Schechter underscores the significance of a secure web which she says is supposedly safe by default and so she encourages that pages be moved to HTTPS.
Google has been rallying for HTTPS, a more secure version of the HTTP protocol used on the web for users to connect to websites. Its first remarkable move in regards to this was in January 2017 with the release of Chrome 56, tagging HTTP pages that collect credit cards or passwords as “not secure”. This was followed in October 2017 with the release of Chrome 62, labeling HTTP sites viewed in Incognito mode as “not secure”.