There is a small but significant change from Google, with the release of Chrome 68. The updated browser will now prominently notify browsers when they surf their way to non-HTTPS websites, displaying them as “Not Secure.”
This is Google’s latest step in a long campaign to try and make the web a safer and more secure place for internet users around the world.
If you’re not especially tech-savvy, here’s why it matters:
Anything sent over a non-HTTPS connection is in plain text, including sensitive information like credit card payment info and passwords. This makes it a trivial matter for hackers to snoop and/or steal data. The new “Not Secure” message that Chrome displays is a clear indication to browsers that there’s no SSL Certificate to encrypt the connection between your website’s server and the user’s computer.
Non-HTTPS connections have been considered dangerous for a number of years, but as hackers have gained increasing levels of sophistication, the dangers have only grown over time.
Google has intentionally taken a slow, measured approach to making this change in order to give business owners plenty of time to respond. They began the process in January 2017, with the release of Chrome 56, by displaying a subtle “Not Secure” warning in the address bar of any non-secure websites that were collecting passwords and credit card information on their customers.
Then, in October 2017, the company upped the ante with the release of Chrome 62, which saw the browser begin to display the “Not Secure” warning for any HTTP website that had any kind of text input field. This culminated in the release of Chrome 68, which prominently displays the message for all non-secure sites, period.
The bottom line is, the change has been a long time coming, and if your company hasn’t yet enabled HTTPS on your website, the time to do so is now.