Google just announced that any web page lacking a security certificate (HTTPS) and being served over HTTP is going to be marked as unsecure by the Chrome browser. The change is expected to take place in July this year.
HTTP Pages Will Be Marked As Not Secure in Google Chrome
Even static HTML pages that don’t collect any form data or don’t require any user information will be marked as not secure. More specifically, “beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure,” Google said.
Developers have been switching to HTTPS which has led to a safer web. Google has seen a lot of progress happening last year which is supported by statistics the company provided regarding Chrome traffic:
– Over 68% of Chrome traffic on both Android and Windows is now protected
– Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
– 81 of the top 100 sites on the web use HTTPS by default
Chrome developers have dedicated a lot of time and effort into making it easy to set up HTTPS. In addition, mixed content audits are made available to help developers migrate their websites to HTTPS into the last Node CLI version of Lighthouse, Google said in the announcement.
Lighthouse is an automated tool designed to improve web pages. This new audit will assist developers in locating which resources a site loads over HTTP, and which are ready to be upgraded to HTTPS. This can be done by changing the subresource reference to the HTTPS version.
Lastly, the changes in Chrome should help users understand that an HTTP site is not secure. In addition, HTTPS is now cheaper than ever before and its implementation brings improvements in performance as well.