Google Chrome Browser Will Label HTTP Sites as 'Not Secure' Come July

Google has been warning people about the dangers of unencrypted websites for years. But now the company is taking more concrete steps by declaring all HTTP sites as “not secure” starting in July 2018.

Google recently announced that the Chrome browser would soon start marking all HTTP sites as “not secure.” These are the websites that don't have a “secure” message or an icon of a green padlock on the address bar.

In a blog post, Chrome security product manager Emily Schecter confirmed that users will start seeing these changes by July, when Chrome 68 is expected to roll out. The new interface will reportedly continue Google's push for a more secure web by forcing websites to use HTTPS.

HTTP is an acronym for hypertext transfer protocol. It's the standard that makes it possible for users to view and interact with various web pages. However, this interaction or communication as it is, between the user and the website's servers is unencrypted. This means there's a possibility that information that passes between the user and the website can be intercepted.

Meanwhile, communication is safer with HTTPS. The “S” in the said acronym stands for “secure.” Any information that happens between a user and an HTTPS website is encrypted, so it's protected against malicious individuals who might steal information.

Google has been advocating for sites to take advantage of HTTPS encryption. It even ranked sites using HTTPS higher in Chrome's search results in a bid to encourage web developers into utilizing the technology. Google has also been trying to educate users on why HTTP sites are not secure.

The company appears to be making progress as more developers have migrated their websites to HTTPS. More than 68 percent of Chrome traffic on Android is now protected while more than 78 percent is safeguarded on Mac. And of the top 100 sites, 81 are now using HTTPS.

However, switching to HTTPS isn't as easy as it looks. Smaller and newer sites might find moving to that protocol easier with the plug-and-play certificates that servers offer. But larger sites will find transitioning harder since their whole domain has to protect.

[Featured image via Google]