Google is trying to make the Internet safer and In January 2017, with the release of Chrome 56, they will start showing non-SSL – HTTP websites as Not secure.
Chrome currently displays a green padlock icon with HTTPS in the address bar for sites that are secure and the circle-i with a message that this website is not secure but the security team will be taking it one step further by displaying a red triangle for all HTTP pages.
Emily Schechter, Product Manager for Chrome Security, said on the official Google security blog that the first phase is to flag HTTP sites that process passwords or credit cards.
Then, Google plans to extend the SSL warnings to Incognito mode in following releases and will eventually show a red triangle on all HTTP pages.
This will help answer the visitors question, “Is this site encrypted?” Or, maybe a better question “Is this site safe for transactions?” The answer is, “No, the site is not encrypted, so Not secure.”
This means that, without SSL, someone can not only access the data from the internet, seeing everything we do on a site, but can also control it and manipulate it.
When traffic is not encrypted, it makes us vulnerable to anyone using the same Wi-Fi at the local centre or coffee shop, who can steal our email, passwords or banking information.
With proper installation of an SSL certificate, the “Not Secure” sign will disappear and be replaced by a green padlock icon. Then the site will be secure for any online transactions and public dealings.
It’s important to note that SSL isn’t only about confidentiality, which is how most people think of it but also about integrity and authenticity, which in many cases are much more important.
Schechter also explained that switching over from HTTP won’t affect sites’ search rankings, it is easier to install and much cheaper than ever before, and also enables the best performance and powerful features that are too sensitive for HTTP.
For most startups and small-to-midsize businesses, the move to HTTPS shouldn’t be difficult. While you can buy and install a certificate from multiple providers or your web hosting company itself, most web hosts are offering easy, one-click Encrypt SSL certificate installation and most also provide automatic renewals.
Check out our set-up guides to get started.