Google began sending out notices to site owners this month, reminding those who haven’t yet migrated from HTTP to HTTPS that in October their sites will be marked “NOT SECURE.”
The warnings are directed to owners of HTTP pages that contain forms, specifically sites that include text input fields like <input type=”text”> or <input type=”email”>.
The messages reiterate the fact that with version 62 of the company’s Chrome browser, slated for stable release on or around October 24, Google will require websites with any kind of text input to have a SSL certificate. That is if site owners don’t want their visitors to see the “NOT SECURE” warning pop up in their browser’s omnibox.
Passwords and credit cards are not the only types of data that should be private. Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the ‘Not secure’ warning when users type data into HTTP sites.
HTTP pages send data in the clear from the browser to a webserver. With more than half of the web already encrypted on average, awareness of data protection is improving. But especially when browsing in incognito mode, users may have a false sense of security that their activity online may be secure. When users browse Chrome with Incognito mode, they likely have increased expectations of privacy. However, HTTP browsing is not private to others on the network.
Chrome will eventually display the Not Secure warning for all HTTP pages, regardless of whether the user is browsing in incognito mode.
Time to Act!
If you would like any further details or assistance in changing over your website please contact me and I will be happy to help.
If you would like a FREE Website Maintenance and Security Check contact me here