Google Chrome to label sites as ‘not secure’

Until now, Chrome has never explicitly stated that sites without an HTTPS connection are unsafe. So far, sites with HTTPS had been given a ‘Secure’ label, while HTTP sites simply had an open padlock. Studies show that this wasn’t enough to inform users of the risks they were taking. With Chrome 56, any site that asks for personal details such as credit cards or passwords, but doesn’t have an SSL certificate, will have a ‘Not secure’ label to help users understand just how high a risk there is.

We have previously blogged about cyber security and keeping your website safe. In that blog, we explain that an SSL certificate, or Secure Socket Layer certificate, adds an important layer of encryption to information passed to and from the user’s computer. You can tell if a website has an SSL certificate by the prefix in the website bar: it’ll either be HTTP (no certificate) or HTTPS (certificate). We thoroughly recommend you have a read of that blog because there are some very helpful pieces of information about SSLs that could make a big difference to your website (not just in terms of security). One of the key benefits of an HTTPS website is that Google algorithms favour websites with better security, and offer better search engine results.

The full Chrome update will soon come into effect. Those of you who have installed the beta for Chrome 56 may have noticed that a new security feature has been added to the browser to help keep users safe. This feature specifically marks HTTP sites that request information like password fields as ‘Not Secure’.

The beta version of Chrome 56 is available now to download, with the full version following soon. Updates through the year will expand the new security setting to show ‘insecure’ sites even when searching in Incognito mode. They’ll also try to make it universal for all HTTP sites to have the red warning triangle to contrast the lock symbol for HTTPS sites.

It’s not all about security, though. There are other features with Chrome 56 to look forward to, such as the ability for web pages to use Bluetooth connections, and the CSS ‘position: sticky’, which allows elements to ‘stick’ to the top of the screen when you scroll down, such as the subtitle for the section you are reading.

All in all, this update promises to offer better security awareness for users. Many people on the web don’t realise just how vulnerable their information is on HTTP sites. It should also encourage websites to get an SSL certificate lest they are branded with an actual red flag. You can find out more about the other updates the new Chrome will bring here.

Have you installed the Chrome 56 beta yet? We’d be very interested in hearing your opinions on it. Why not send us an @ on our Twitter page? If we manage your website, please contact us to install your certificate, increase security, and ensure your website is labelled as ‘Secure’.