Chrome continues HTTP phase-out by removing 'secure' icon from HTTPS sites

Changes in 'secure' and 'non secure' icons comprise final steps in plan to make web secure-by-default

Google has announced it will stop marking HTTPS sites a "secure" in Chrome, as it wants the protocol to become a default standard for web browsing. 

The search giant currently marks websites on the older and less secure protocol HTTP as "not secure" and uses a green "secure" label ahead of web addresses to denote when a website is using the encrypted protocol. 

Advertisement - Article continues below

But from September 2018 users will no longer see sites marked as secure with the rollout of Chrome 69 as Google aims to make the web "secure by default"; HTTP sites will continue to be labeled as not secure with the rollout of Chrome 70 the following month.

According to Google, HTTP usage was previously far too high to brandish them in a strong red warning, but are now actively encouraging sites to make that transition to a far more secure outlay.

These next steps in the process comprise the final stage in Google's plan to move 'towards a more secure web', a plan that it outlined in 2016.

Writing at the time, Emily Schechter, product manager on Chrome's security team, said: "Chrome currently indicates HTTP connections with a neutral indicator. This doesn't reflect the true lack of security for HTTP connections.

Advertisement
Advertisement - Article continues below

"When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.

Advertisement - Article continues below

"A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS."

Google says HTTPS is cheaper and easier to use, and has also provided a set-up guide for sites seeking to make the transition.

09/02/18 - Chrome pushes to phase out HTTP sites by labelling them as 'not secure' 

Google has announced it will be labelling all HTTP sites as "not secure" with the release of Chrome 68.

The search giant has for some time been encouraging developers to switch their sites to the more secure HTTPS protocol. This stance will now be accelerated by the release of the new Chrome 68 in July.

Users navigating the web through Chrome 68 will find all HTTP sites are classified as not being secure. As users will most likely turn to sites that are HTTPS protected, web developers will also most likely upgrade their sites to counter the loss of web traffic.

Advertisement - Article continues below

Currently over 68% of Chrome traffic on Android and Windows is protected while over 78% is encrypted on Chrome OS and Mac.

In addition, 81% of the top 100 sites now use HTTPS and emboldened by that, Google's open-source Lighthouse tool now has an audit feature that allows developers to see which resources are being loaded as HTTP and which of those can be upgraded to a HTTPS.

"Chrome's new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default," Google said. 

"HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP." 

Google's approach to HTTPS adoption is very much a 'carrot and stick' move, on one hand presenting HTTPS as an appealing and easy-to-use protocol and on the other penalising websites that drag their feet when it comes to moving to the more secure protocol.  

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Recommended

Visit/web-browsers/24796/which-is-the-best-browser-chrome-vs-firefox-vs-microsoft-edge
web browser

Google Chrome vs Firefox vs Microsoft Edge

26 Mar 2020
Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/privacy/354542/google-looks-to-replace-third-party-cookies-in-two-years
privacy

Google looks to replace third-party cookies in two years

15 Jan 2020

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020