Google Chrome to label Sensitive HTTP pages as “Not Secure”

“Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.

In following releases, we will continue to extend HTTP warnings, for example, by labeling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”

Does your website are running a small business or does collect sensitive information such password, Credit card information and personal data? If yes, be warned; by the end of January 2017, Google Chrome will begin marking sites without HTTPS as non-secure. In other words; Chrome will now require HTTPS for sites that collect sensitive information. But wait, what is SSL?

Reel it back – What is SSL /HTTPS?

SSL works to encrypt information between a server and a client. It is a link between a web server and a browser to make sure all data that is transmitted is protected and not intercepted by malicious parties.

There are many personal and private data such as login details, credit card information and personal information like identification number, address, and telephone numbers. SSL makes sure data are sent to intended recipients only. This is especially important for those who operates e-commerce sites or even membership sites that handle sensitive information on a daily basis.

This HTTPS will give you green padlock icon on your URL bar to assure your site visitor that you are indeed a legit site and not a fraud. Https instead of HTTP may assure the visitors that your site can be trusted.

Related post: Why do you need SSL

Be warned that Google will begin marking your site as “non-secure” as the image shown below.

What’s changing?

Previously, In the beginning, network administrators had to figure out how to share the information they put out on the Internet.  They agreed on a procedure for exchanging information and called it HyperText Transfer Protocol (HTTP). Once everyone knew how to exchange information, intercepting on the Internet was not difficult. So knowledgeable administrators agreed upon a procedure to protect the information they exchanged. The protection relies on SSL Certificate to encrypt the online data. Encryption means that the sender and recipient agree upon a “code” and translate their documents into random-looking character strings.                         

The procedure for encrypting information and then exchanging it is called HyperText Transfer Protocol Secure (HTTPS).

According to the Google Security Blog, this current neutral classification for HTTP  “doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.” In an era where concerns about information security are rising and the need to protect personal data becomes paramount, these new security indications will allow users to make an informed decision about which sites to trust with sensitive information such as passwords and payment credentials.

Whenever you try to purchase online, register or subscribe to a website you would expect a secure and private online experience right? Thus, this is why Google taking this steps to ensure your website is a legit site and not a fraud

Now that I understand, what should I do now?

Wait no more, you may purchase an annual SSL Certificate from ServerFreak or you may choose to purchase a hosting package that is Semi -Pro and above which comes with FREE UNLIMITED SSL applied to your domain and subdomain hosted under this packages.