From the end of this month, Google Chrome will begin making a not secure website warning on all websites without HTTPS. If you have not already done so you should protect your site with an SSL certificate and migrate to HTTPS.
Google made the announcement of the introduction of the not secure website warning last September.
What is HTTPS?
HTTP stands for Hyper Text Transfer Protocol. It is the set of rules used to transfer data from one computer to another across the internet. HTTPS stands for Hyper Text Transfer Protocol Secure, which uses encryption to add a layer of security over the transfer.
When a user visits a website with HTTPS, the session is encrypted using an SSL (Secure Sockets Layer) Certificate. This prevents hackers from spying or stealing information as the data is transferred.
Why is Google introducing this not secure website warning?
Until now HTTPS has only really been used on websites where financial transactions take place or where users are entering sensitive information such as passwords and credit card information. However, with the increase in cyber crime Google wants everything on the web to be travelling over a secure channel. Google feels it has a duty of care to warn users if a site it is sending them to isn’t secure. It also wants website owners to do more to protect their customers.
Alerting users that a website is non-secure will put them off visiting that website, even if they won’t be transferring sensitive data. Website owners will have no choice but to migrate to HTTPS.
How will it work?
Google currently indicates security of the website with a ‘!” icon in the address bar. Beginning with the launch of Chrome 56 (expected at the end of January) Google will mark HTTP pages that collect passwords or credit cards as ‘Not secure’.
Eventually, the plan is to roll out the warning to all users and all websites. The HTTP security indicator will be changed to the red triangle currently used for broken HTTPS.
What action should you take?
To secure your website you will need to obtain an SSL certificate and then migrate to HTTPS. We recommend that you seek assistance from your website developer with this process as it is quite technical.
What are the advantages of HTTPS?
As well as the obvious advantage of not having your website labelled as ‘not secure’ you will also benefit from a faster load time. Google also gives ranking preference to sites with an SSL.