Internet News

This is how Chrome will force less secured, consumer security ignorant websites to adopt stricter HTTPS standards

Share on Facebook
Tweet about this on TwitterShare on Google+Share on StumbleUponShare on LinkedInPin on PinterestShare on Reddit

Considering how frequent cyber attacks have become, on both commerce related and general sites alike, it is pretty much clear that the entire world wide web needs to move to HTTPS, in order to get at least the minimal layer of protection against such threats.

However, despite all of those attacks and repeated warnings from cybersecurity experts, a whole lot of websites involving monetary transactions continue to ignore consumer security and operate on the usual HTTP protocol. That is soon going to be punishable, and punishable enough that it will lead to those website being tagged as ‘non-secure’ by the world’s most vastly used web browser across platforms – -Chrome.

In a blog post which Google’s security team has published today, Google’s Chrome browser will start tagging websites that transmit passwords or credit cards as non-secure, as part of the company’s long-term plan to mark all HTTP sites as non-secure.

Chrome currently indicates HTTP connections with a neutral indicator, which doesn’t reflect the true lack of security for HTTP connections. FYI, when you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.  However, once the Chrome 56 update rolls out in January next year, this is how things are going to change :

Additionally, starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.


Without any explicit warning, users do not even bother to ponder over how secured their connection to the website they are browsing is. In fact, Google’s own study has revealed the exact the same thing. The study also finds out, that us users become blind to warnings that occur too frequently.

A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. More than half of Chrome desktop page loads now served over HTTPS.

In Chrome releases coming up now, Google will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. The ultimate plan, is to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that is currently in use for broken HTTPS.
Editor-at-large and co-founder at The Tech Portal. He is a tech enthusiast with interests in new-age technology fields like Ai, Machine Learning, AR/VR, Outer Space and related stuff. Drop him a mail anytime, very reachable.

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *